On 05/21/2013 07:07 AM, Tom Eastep wrote: > On 05/20/2013 10:53 PM, [email protected] wrote: >> Hi all, >> >> I have tried to figure out how to do this one but I think I have just >> confused myself more… >> My firewall is a 2 interface setup, the same box is my router to my uplink. >> >> I’m not using nat at all and have a public IP range behind this machine. >> >> net = eth0 >> >> loc = eth1 >> >> >> Most of my rules are mainly the basic >> >> HTTP(ACCEPT) net loc:111.111.111.112 >> >> SMTP(ACCEPT) net loc:111.111.111.113 >> etc >> >> This time around though I wish to just redirect (or is it translate) a >> port but because I’m not using nat etc I’m not sure if this is possible. >> >> I have a mail server behind my firewall that already has a rule in place >> SMTP(ACCEPT) net loc:111.1111.111.111 >> >> So this allows inbound port 25 connections to the machine on loc no >> issues at all. >> >> What I want to do is have an incoming connection on port 26 to >> 111.111.111.111 BUT redirect it to 111.111.111.111 but on port 25, is >> this possible? > > Yes -- Shorewall FAQ 1C.
e.g. DNAT net loc::25 tcp 26 - 111.111.111.111 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
