On 10/17/2017 01:17 PM, Joaquim Homrighausen wrote: > > > Thank you. Can I take this a bit further, just trying to get a grip on > Shorewall thinking … > > > > The FW flies two interfaces with two addresses. So let’s say I only have > SSHD listening on the loc interface, 192.168.0.1:3333. > > > > What would be the proper construct to use then, is this where DNAT would > come into play? Or do we use DNAT only when we’re exposing another > machine via the FW? >
That is Shorewall FAQ 1e - http://www.shorewall.net/FAQ.htm#faq1e; that FAQ also chages the port number but the principle is the same when the port number remains unmodified. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
