On 09/28/2012 11:37 AM, Dragan Jurkovic wrote: > Hi, > > I have IMAPS server which is behind firewall and accessible from > outside by simple DNAT rule: > > DNAT net loc:192.168.201.X:993 tcp NNNNN > > NNNNN is non-standard port. > I am havng trouble configuring shorewall to allow same access form > inside. Even after thorough reading of DNAT documentation I am still > puzzled. > I tried: > > DNAT loc loc:192.168.201.X:993 tcp NNNNN - 192.168.201.Y > > in rules file where 192.168.201.X is local IMAPS server and > 192.168.201.Y is firewall internal address. > I even tried to add: > > eth0:192.168.201.X eth0 192.168.201.Y tcp NNNNN > > in masq file (eth0 is internal interface on firewall), but connection > always times out. As I can see shorewall is not blocking anything, but > packets are lost somewhere. > Is there any way to achieve this?
This is Shorewall FAQ 2. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Got visibility? Most devs has no idea what their production app looks like. Find out how fast your code is with AppDynamics Lite. http://ad.doubleclick.net/clk;262219671;13503038;y? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
