On Thursday 01 December 2005 10:59, Jim Ford wrote: > I inserted the following line in my shorewall rules file: > > DNAT net loc:192.168.1.1-192.168.1.64 tcp 6881:6888 - > all > > Hoping to solve a NAT problem with my Arureus bittorrent client. I gave the > IP address as a range because I may not always be sure that 192.168.1.1 > would get assigned to the particular machine running Azureus. It didn't > work - but if I just give one address ie 192.168.1.1, it does. Can I not > use a range of IP addresses in this instance?
That is not an appropriate use of a range in the DEST of a DNAT rule. From the documentation of the DEST column: Like in the SOURCE column, a range of IP addresses may be specified in the DEST column as <first address>-<last address>. When the ACTION is DNAT or DNAT-, connections will be assigned to the addresses in the range in a round-robin fashion (load-balancing). You need to configure your DHCP server to always give the same IP address to the machine running Arureus. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
pgpRUDgJMf3Ve.pgp
Description: PGP signature
