Re: [leaf-user] Re: shorewall

Wed, 27 Nov 2002 19:21:30 -0800

That's what I thought . So DNAT replaces both rules in some way. So for my son's Starcraft game. In Dachstein:
ipmasqadm autofw -A -r udp 6112 6112 -h 192.168.1.202 -v
ipmasqadm autofw -A -r tcp 6112 6112 -h 192.168.1.202 -v

in Shorewall
DNAT net loc:192.168.1.202 udp 6112
DNAT net loc:192.168.1.202 tcp 6112
Andrey


Tom Eastep wrote:



--On Wednesday, November 27, 2002 8:48 PM -0500 "C. Dummy" <[EMAIL PROTECTED]> wrote:

I'm trying to move from Dachstein to Bering but I have to rewrite few
rules. Is autofw and portfw from Dachstein , DNAT in Shorewall or there
is a difference? Andrey

It is dangerous to try to map these different notions, but:

DNAT is roughly the equivalent of portfw plus a bunch of accept rules; iptables is stateful and has a very simple model for its rules while ipchains presents an absurd gauntlet of rules that each packet has to pass through, not to mention another series that treplies must negotiate.

In other words, a single Shorewall DNAT rule performs portforwarding and passes the traffic to/from the server -- in ipchains, you had to have a portfw rule PLUS a set of ipchains rules to move the packets through your firewall.

There is no direct analog of autofw in Bering.

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: teastep \ http://shorewall.sf.net
ICQ: #60745924 \ [EMAIL PROTECTED]


-------------------------------------------------------
This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html





-------------------------------------------------------
This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to