Marco C. Coelho wrote: > Ok lets start from the top. > > I have multiple pppoe servers terminating connections. Users are > normally issued public ip addresses. > When I suspend a user, they get a private 192.168.50.0/24 ip address.
Given that your REDIRECT rule had 'net' in the SOURCE column, we
naturally assumed that 192.168.40.0/24 is OUTSIDE your firewall, not
inside. You give us incomplete information, you get wrong and/or
incomplete answers.
>
> I want to redirect any IPs in the 192.168.50.0/24 to a web page on a
> server that has a simple SUSPENDED message.
>
> having temporarily abandoned shorewall due to the problem I was having,
> I presently have this in IPTABLES:
>
> iptables -t nat -A PREROUTING -p tcp -s 192.168.50.0/24 -d 0.0.0.0/0 -j
> REDIRECT --to 64.202.230.254:80
That is just:
DNAT- y:192.168.40.0/24 z:64.202.230.254:80 tcp
Where
y = Zone containing 192.168.40.0/24
z = Zone containing 64.202.230.254
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
