dear Tom, Thanks a lot for the quick reply I will check it out tomorrow and keep you posted. i was just wondering if the syntax had some issues ??
regards simon On Wed, Nov 20, 2019 at 7:05 PM Tom Eastep <teas...@shorewall.net> wrote: > On 11/20/19 12:41 AM, Benedict Simon Dcunha wrote: > > > > Dear All, > > > > > > > > I am using Shore wall for a long time and its working file . It > > connects to other department through our local ISP for our data > > connectivity with no access to internet > > > > Version 4.5.8 > > > > Os centos 5.9 64 Bit > > > > > > > > I am using a masq file as below for our network users to outside using > > the eth0 Ip which connects to the our gateway data router as below > > > > > > > > > > > > > > > > # For information about entries in this file, type "man shorewall-masq" > > > > > ############################################################################### > > > > #INTERFACE SOURCE ADDRESS PROTO > > PORT(S) IPSEC MARK > > > > # > > > > eth0 172.16.0.0/16,\ <http://172.16.0.0/16,%5C> > > > > 192.168.30.0/16,\ <http://192.168.30.0/16,%5C> > > > > 91.198.134.0/24,\ <http://91.198.134.0/24,%5C> > > > > 10.1.0.0/16,\ <http://10.1.0.0/16,%5C> > > > > 10.2.1.0/24,\ <http://10.2.1.0/24,%5C> > > > > 192.168.30.0/24,\ <http://192.168.30.0/24,%5C> > > > > 192.168.144.0/24,\ <http://192.168.144.0/24,%5C> > > > > 192.168.107.0/24 > > > > # > > > > > > > > This setup is working perfectly > > > > > > > > Now I have a new Server with the below > > > > > > > > Centos 7 > > > > Shorewall 5.1.10.2 > > > > > > > > Now the masq file is superseded by the snat file so I have the below > > SNAT file > > > > > > > > ACTION SOURCE > > DEST > > > > > > > > MASQUERADE 172.16.0.0/24 enp31s10f0 > > > > MASQUERADE 10.1.0.0/24 > > enp31s10f0 > > > > MASQUERADE 10.2.1.0/24 > > enp31s10f0 > > > > MASQUERADE 192.168.0.0/24 enp31s10f0 > > > > Looks like the last one should be: > > MASQUERADE 192.168.0.0/16 enp31s10f0 -- > > -Tom > > -- > Tom Eastep \ Q: What do you get when you cross a mobster with > Shoreline, \ an international standard? > Washington, USA \ A: Someone who makes you an offer you can't > http://shorewall.org \ understand > \_______________________________________________ > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
