Hi,

I'd like to have local servers connect to the firewall's external IP and have the traffic routed back to the local network. It works manually, but I can't figure out how to make this work through Shorewall:

This works:
iptables -t nat -A POSTROUTING -d 10.10.5.242 -s 10.10.0.0/16 -p tcp --dport 80 -j SNAT --to 10.10.3.12

And looks like this: iptables -L -t nat
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
bond0_masq  0    --  anywhere             anywhere
SNAT       tcp  --  10.10.0.0/16         10.10.5.242          tcp dpt:www to:10.10.3.12

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain bond0_masq (1 references)
target     prot opt source               destination
SNAT       0    --  10.10.0.0/16         anywhere             to: 77.66.16.1


This does not work:
/etc/shorewall/masq:
#INTERFACE              SOURCE          ADDRESS         PROTO   PORT(S) IPSEC   MARK
bond0:10.10.5.242       10.10.0.0/16    10.10.3.12      tcp     80

Looks like:
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
bond0_masq  0    --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain bond0_masq (1 references)
target     prot opt source               destination
SNAT       tcp  --  10.10.0.0/16         10.10.5.242          tcp dpt:www to:10.10.3.12

Any help is greatly appreciated...

Regards
Kristoffer


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
