On 2/25/11 12:18 PM, Paolo Andretta wrote:
> On Fri, 25 Feb 2011, Tom Eastep wrote:
> 

> Ok, Changed in:
> 
> vmbr0           192.168.109.0/24        1.2.3.109
> vmbr0           192.168.110.0/24        1.2.3.110
> vmbr0           192.168.108.0/24        1.2.3.108
> 
> vmbr9           192.168.109.0/24        1.2.3.109     <<< NEW Attempt

Should be:

vmbr9:192.168.109.1     192.168.109.0/24          1.2.3.109

> 
> DNAT    dmz     dmz:192.168.109.9 tcp     20,21,80,443  -    1.2.3.109

Correct

> 
> to /rules seems solve the problem.
> But I reach this result by attpmts, not following a logical path (in my 
> mind that have limited understanding of [SD]NAT & c.
> Is this conf correct?
> Can I extend to the other servers or am I solving a problem and generating 
> many others?

Yes -- you need one line per server in each file.

-Tom

-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Free Software Download: Index, Search & Analyze Logs and other IT data in 
Real-Time with Splunk. Collect, index and harness all the fast moving IT data 
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business 
insights. http://p.sf.net/sfu/splunk-dev2dev 
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to