On 7/4/10 3:21 PM, Steven Jan Springl wrote: > DNAT 192.168.168.0/24 eth4 10.199.0.0/16 GARBAGE
Thanks, Steven. NET3 bug fixed by the attached patch. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm
index c65b72c..4c6f4c6 100644
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@@ -461,15 +461,15 @@ sub setup_netmap() {
fatal_error "Unknown interface ($interface)" unless my
$interfaceref = known_interface( $interface );
unless ( $interfaceref->{root} ) {
- $rulein = match_source_dev( $interface ) . match_source_net (
$net3 );
- $ruleout = match_dest_dev( $interface ) . match_dest_net (
$net3 );
+ $rulein = match_source_dev( $interface );
+ $ruleout = match_dest_dev( $interface );
$interface = $interfaceref->{name};
}
if ( $type eq 'DNAT' ) {
- add_rule ensure_chain( 'nat' , input_chain $interface ) ,
$rulein . "-d $net1 -j NETMAP --to $net2";
+ add_rule ensure_chain( 'nat' , input_chain $interface ) ,
$rulein . match_source_net( $net3 ) . "-d $net1 -j NETMAP --to $net2";
} elsif ( $type eq 'SNAT' ) {
- add_rule ensure_chain( 'nat' , output_chain $interface ) ,
$ruleout . "-s $net1 -j NETMAP --to $net2";
+ add_rule ensure_chain( 'nat' , output_chain $interface ) ,
$ruleout . match_dest_net( $net3 ) . "-s $net1 -j NETMAP --to $net2";
} else {
fatal_error "Invalid type ($type)";
}
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
