On 2/25/11 12:18 PM, Paolo Andretta wrote: > On Fri, 25 Feb 2011, Tom Eastep wrote: >
> Ok, Changed in: > > vmbr0 192.168.109.0/24 1.2.3.109 > vmbr0 192.168.110.0/24 1.2.3.110 > vmbr0 192.168.108.0/24 1.2.3.108 > > vmbr9 192.168.109.0/24 1.2.3.109 <<< NEW Attempt Should be: vmbr9:192.168.109.1 192.168.109.0/24 1.2.3.109 > > DNAT dmz dmz:192.168.109.9 tcp 20,21,80,443 - 1.2.3.109 Correct > > to /rules seems solve the problem. > But I reach this result by attpmts, not following a logical path (in my > mind that have limited understanding of [SD]NAT & c. > Is this conf correct? > Can I extend to the other servers or am I solving a problem and generating > many others? Yes -- you need one line per server in each file. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users