Currently I have DNAT rules like here: DNAT net loc:11.22.33.44 tcp 80 1.2.3.4 DNAT net loc:11.22.33.44 tcp 80 1.2.3.5
nat: 1.2.3.4 eth1 11.22.33.44 masq: +eth0 eth1 Still can not work. Willy On Sat, 2009-05-02 at 20:30 -0700, Tom Eastep wrote: > sangprabv wrote: > > Thanks for correction. My firewall has eth0 with IP 1.2.3.1 as the > > public IP, and eth1 with IP 11.22.33.11 as the local IP. Currently I > > have assigned public IP 1.2.3.4 to be handled by local IP 11.22.33.44. > > But in other case I also want my local IP 11.22.33.44 appears to be > > public IP 1.2.3.5 from the internet. How to do it with shorewall? TIA. > > Your question still is as clear as mud -- but: > > - DNAT rules in /etc/shorewall/rules override entries in /etc/shorewall/nat. > > - Entries in /etc/shorewall/masq that begin with '+' override entries in > /etc/shorewall/nat. > > Hope that helps. > > -Tom > ------------------------------------------------------------------------------ > Register Now & Save for Velocity, the Web Performance & Operations > Conference from O'Reilly Media. Velocity features a full day of > expert-led, hands-on workshops and two days of sessions from industry > leaders in dedicated Performance & Operations tracks. Use code vel09scf > and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf > _______________________________________________ Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Register Now & Save for Velocity, the Web Performance & Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance & Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
