Ivica Glavocic wrote: > All connections from any zone going to server 80.1.1.1 on port 210 in zone > DMZ should be redirected to that same IP in same zone but on port 200 > > > Can someone please write me rule for this? Most logical for me was: > > ACTION: DNAT > SOURCE: all > DEST: DMZ:80.1.1.1:210 > PROTO: tcp > DEST PORT: 100 > SOURCE PORT: - > ORIGINAL DEST: 80.1.1.1 > > ... but it doesn't work. >
What you have just described would redirect all connections to 80.1.1.1:100 to 80.1.1.1:210. I don't know why you had 100 in the DEST PORT column since your problem statement said port 200. But to do what you *say* you want, the rule is: DNAT all DMZ:80.1.1.1:200 tcp 210 - 80.1.1.1 -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
