On 11/20/19 12:41 AM, Benedict Simon Dcunha wrote: > > Dear All, > > > > I am using Shore wall for a long time and its working file . It > connects to other department through our local ISP for our data > connectivity with no access to internet > > Version 4.5.8 > > Os centos 5.9 64 Bit > > > > I am using a masq file as below for our network users to outside using > the eth0 Ip which connects to the our gateway data router as below > > > > > > > > # For information about entries in this file, type "man shorewall-masq" > > ############################################################################### > > #INTERFACE SOURCE ADDRESS PROTO > PORT(S) IPSEC MARK > > # > > eth0 172.16.0.0/16,\ > > 192.168.30.0/16,\ > > 91.198.134.0/24,\ > > 10.1.0.0/16,\ > > 10.2.1.0/24,\ > > 192.168.30.0/24,\ > > 192.168.144.0/24,\ > > 192.168.107.0/24 > > # > > > > This setup is working perfectly > > > > Now I have a new Server with the below > > > > Centos 7 > > Shorewall 5.1.10.2 > > > > Now the masq file is superseded by the snat file so I have the below > SNAT file > > > > ACTION SOURCE > DEST > > > > MASQUERADE 172.16.0.0/24 enp31s10f0 > > MASQUERADE 10.1.0.0/24 > enp31s10f0 > > MASQUERADE 10.2.1.0/24 > enp31s10f0 > > MASQUERADE 192.168.0.0/24 enp31s10f0 >
Looks like the last one should be: MASQUERADE 192.168.0.0/16 enp31s10f0 -- -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
