I'm responding in HTML -- your question and my response are clearly included below
-Tom On 10/17/2017 04:30 PM, Joaquim Homrighausen wrote: > > > > > > Sorry Tom, all I got was a PGP/GPG signature in your post. > > > > > > -joho > > > > > > > > *From: *Tom Eastep <mailto:teas...@shorewall.net> > *Sent: *Tuesday, October 17, 2017 23:06 > *To: *shorewall-users@lists.sourceforge.net > <mailto:shorewall-users@lists.sourceforge.net> > *Subject: *Re: [Shorewall-users] Traffic to service running on firewall > > > > > On 10/17/2017 01:17 PM, Joaquim Homrighausen wrote: > > > > > > Thank you. Can I take this a bit further, just trying to get a grip on > > Shorewall thinking … > > > > > > > > The FW flies two interfaces with two addresses. So let’s say I only > have > > SSHD listening on the loc interface, 192.168.0.1:3333. > > > > > > > > What would be the proper construct to use then, is this where DNAT > would > > come into play? Or do we use DNAT only when we’re exposing another > > machine via the FW? > > > > That is Shorewall FAQ 1e - http://www.shorewall.net/FAQ.htm#faq1e; that > FAQ also chages the port number but the principle is the same when the > port number remains unmodified. > > -Tom > -- > Tom Eastep \ Q: What do you get when you cross a mobster with > Shoreline, \ an international standard? > Washington, USA \ A: Someone who makes you an offer you can't > http://shorewall.org \ understand > \_______________________________________________ > > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users