On 01/18/2018 06:50 PM, pe...@easthope.ca wrote: > From: Tom Eastep <teas...@shorewall.net> > Date: Thu, 18 Jan 2018 17:54:23 -0800 >> Shorewall does not currently support port masquerading. > > OK, thanks. > > A rhetorical question; byproduct of my puzzling: Can the concept > of socket (address,port) help the notation? Consolidate and > simplify. Analogous to vector notation avoiding individual elements. >
It turns out that, while not documented, Shorewall can support port masquerading. For masquerade, simply include the new port number in parentheses (e.g., MASQUERADE(444)). You must specify the appropriate protocol in the PROTO column. This also works for SNAT (e.g., SNAT(1.2.3.4:444). -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users