Not being a Shorewall expert, I can't help you with that part. But as to
the underlying iptables rules (the first part of what you describe doing),
you've only done half of what you need. In addition to the changes to
PREROUTING, you need entries similar to this (for each port and
protocolinvolved):
iptables -A inbound -d 192.168.1.6 -p tcp --destination-port 4661 -j ACCEPT
I say "similar to" because you probably use a chain name other than
"inbound" to process FORWARD-chain packets from the external interface to
the LAN interface.
I'm a bit hazy on how edonkey works, but you *might* need to extend these
rules to cover udp packets as well as tcp.
At 01:04 PM 10/12/02 +0200, Maciek Kurkiewicz wrote:
>I have really big problem with using edonkey on my network, I had installed
>some time ago shorewall and I think that it is really good program. But ...
>edonkey don't work ... :(
>
>I have done :
> iptables -t nat -F {PREROUTING,POSTROUTING}
> iptables -F
> iptables -P {INPUT,FORWARD,OUTPUT} ACCEPT
>
>and ..
>
>iptables -t nat -A PREROUTING -p tcp --dport 4661 -j DNAT --to-destination
>192.168.1.6:4661
>iptables -t nat -A PREROUTING -p tcp --dport 4662 -j DNAT --to-destination
>192.168.1.6:4662
>for ports 4661, 4662,4663,4664,4665,4666
>IP 192.168.1.6 is my computer IP in network.
[rest deleted]
--
-------------------------------------------"Never tell me the odds!"--------
Ray Olszewski -- Han Solo
Palo Alto, California, USA [EMAIL PROTECTED]
-------------------------------------------------------------------------------
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
