Hi, Im a bit confuse 11.22.33.45 is a private IP which owned by a server behind my firewall. If you ask me to create that IP on my shorewall server I think it cause conflict right? And FYI 1.2.3.5 is the public IP. TIA.
Willy On Sun, 2009-05-03 at 12:47 +0200, Ljubomir Ljubojevic wrote: > sangprabv wrote: > > Currently I have DNAT rules like here: > > DNAT net loc:11.22.33.44 tcp 80 1.2.3.4 > > DNAT net loc:11.22.33.44 tcp 80 1.2.3.5 > > > > nat: > > 1.2.3.4 eth1 11.22.33.44 > Create 11.22.33.45 on youe server, and add this: > 1.2.3.5 eth1 11.22.33.45 > and try deleting DNAT rules. > > > > > masq: > > +eth0 eth1 > > > > Still can not work. > > > > > > > > Willy > > > > > > On Sat, 2009-05-02 at 20:30 -0700, Tom Eastep wrote: > >> sangprabv wrote: > >>> Thanks for correction. My firewall has eth0 with IP 1.2.3.1 as the > >>> public IP, and eth1 with IP 11.22.33.11 as the local IP. Currently I > >>> have assigned public IP 1.2.3.4 to be handled by local IP 11.22.33.44. > >>> But in other case I also want my local IP 11.22.33.44 appears to be > >>> public IP 1.2.3.5 from the internet. How to do it with shorewall? TIA. > >> Your question still is as clear as mud -- but: > >> > >> - DNAT rules in /etc/shorewall/rules override entries in > >> /etc/shorewall/nat. > >> > >> - Entries in /etc/shorewall/masq that begin with '+' override entries in > >> /etc/shorewall/nat. > >> > >> Hope that helps. > >> > >> -Tom > >> ------------------------------------------------------------------------------ > >> Register Now & Save for Velocity, the Web Performance & Operations > >> Conference from O'Reilly Media. Velocity features a full day of > >> expert-led, hands-on workshops and two days of sessions from industry > >> leaders in dedicated Performance & Operations tracks. Use code vel09scf > >> and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf > >> _______________________________________________ Shorewall-users mailing > >> list [email protected] > >> https://lists.sourceforge.net/lists/listinfo/shorewall-users > > > > > > ------------------------------------------------------------------------------ > > Register Now & Save for Velocity, the Web Performance & Operations > > Conference from O'Reilly Media. Velocity features a full day of > > expert-led, hands-on workshops and two days of sessions from industry > > leaders in dedicated Performance & Operations tracks. Use code vel09scf > > and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf > > _______________________________________________ > > Shorewall-users mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > > > > > > ------------------------------------------------------------------------------ > Register Now & Save for Velocity, the Web Performance & Operations > Conference from O'Reilly Media. Velocity features a full day of > expert-led, hands-on workshops and two days of sessions from industry > leaders in dedicated Performance & Operations tracks. Use code vel09scf > and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Register Now & Save for Velocity, the Web Performance & Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance & Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
