On 04/27/2010 01:58 PM, Orlandinei Vujanski wrote: > Thanks Tom > But my internal equipment only responds on port 2180, how do they > respond to this request?
The rules file entry that I gave you generates the same DNAT transformation as your iptables nat table rule. The ACCEPT iptables rule generated by my DNAT entry is slightly tighter than yours in that it insists that the original IP address prior to DNAT be 200.200.10.10. My entry also maps only connections originating in the 'net' zone and assumes that the server resides in the 'loc' zone; you'll need to change those names to fit your naming convention and topology. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
