Tom Eastep wrote: > Ed wrote: >> On Friday 01 December 2006 16:24, Tom Eastep wrote: >>> PARAM - - tcp 1729 >>> PARAM - - 47 >>> PARAM DEST SOURCE 47 >> Hi Tom, >> What I meant by doing changes was the changes required for an upgrade from >> 3.0 >> to 3.2 (macro.HTTP, ...). I did no changes to the rules file. I hadn't >> realised "DEST" and "SOURCE" shouldn't be substituted. >> >> So this is what I have now: >> >> rules: >> pptp/DNAT net dmz:192.168.253.2 > > I could have sworn that when you first posted, you had pptp/ACCEPT. > >> macro: >> PARAM - - tcp 1729 >> PARAM - - 47 >> PARAM DEST SOURCE 47 >> >> error: >> ERROR: DNAT rules require a server address; rule: "DNAT dmz:192.168.253.2 >> net >> 47 - - - - -" >> >> I should have mentioned I was using DNAT, sorry about that. > > Then make the TARGET in the last rule ACCEPT rather than PARAM.
Oops -- wrong terminology. The first column in a macro file is ACTION, not
TARGET (TARGET is the first column in an action file). At any rate, the last
rule in your macro should be:
ACCEPT DEST SOURCE 47
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
