On 09/28/2012 11:59 AM, Dragan Jurkovic wrote: > On Fri, Sep 28, 2012 at 2:50 PM, Tom Eastep <teas...@shorewall.net> wrote: >> On 09/28/2012 11:37 AM, Dragan Jurkovic wrote: >>> Hi, >>> >>> I have IMAPS server which is behind firewall and accessible from >>> outside by simple DNAT rule: >>> >>> DNAT net loc:192.168.201.X:993 tcp NNNNN >>> >>> NNNNN is non-standard port. >>> I am havng trouble configuring shorewall to allow same access form >>> inside. Even after thorough reading of DNAT documentation I am still >>> puzzled. >>> I tried: >>> >>> DNAT loc loc:192.168.201.X:993 tcp NNNNN - >>> 192.168.201.Y >>> >>> in rules file where 192.168.201.X is local IMAPS server and >>> 192.168.201.Y is firewall internal address. >>> I even tried to add: >>> >>> eth0:192.168.201.X eth0 192.168.201.Y tcp NNNNN >>> >>> in masq file (eth0 is internal interface on firewall), but connection >>> always times out. As I can see shorewall is not blocking anything, but >>> packets are lost somewhere. >>> Is there any way to achieve this? >> This is Shorewall FAQ 2. > Thanks Tom - I did read FAQ 2 and followed it to the letter, but have > no success. If I am reading your routing correctly the local machines trying to get to the imap server would not be traversing through the firewall since it is on the same network. You would need to configure the local machines to connect to the imap server on the nonstandard port. >> -Tom >> -- >> Tom Eastep \ When I die, I want to go like my Grandfather who >> Shoreline, \ died peacefully in his sleep. Not screaming like >> Washington, USA \ all of the passengers in his car >> http://shorewall.net \________________________________________________ >> >> ------------------------------------------------------------------------------ >> Got visibility? >> Most devs has no idea what their production app looks like. >> Find out how fast your code is with AppDynamics Lite. >> http://ad.doubleclick.net/clk;262219671;13503038;y? >> http://info.appdynamics.com/FreeJavaPerformanceDownload.html >> _______________________________________________ >> Shorewall-users mailing list >> Shorewall-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/shorewall-users > ------------------------------------------------------------------------------ > Got visibility? > Most devs has no idea what their production app looks like. > Find out how fast your code is with AppDynamics Lite. > http://ad.doubleclick.net/clk;262219671;13503038;y? > http://info.appdynamics.com/FreeJavaPerformanceDownload.html > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------ Got visibility? Most devs has no idea what their production app looks like. Find out how fast your code is with AppDynamics Lite. http://ad.doubleclick.net/clk;262219671;13503038;y? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
