Hi,

I'm trying to use conntrackd, shorewall and keepalived.

Conntrackd (now known as conntrack-tools) is working OK, keepalived too, but I don't know how to put some iptables rules in shorewall.

eth0 is the local area (192.168.0.0/24)
eth1 is the net area (192.168.1.0/24)

iptables -P FORWARD DROP
iptables -A FORWARD -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth1 -p tcp --syn -m state --state NEW -j ACCEPT
iptables -A FORWARD -i eth1 -p tcp -m state --state ESTABLISHED -j ACCEPT
iptables -I FORWARD -j LOG
iptables -I POSTROUTING -t nat -s 192.168.0.3 -j SNAT --to 192.168.1.100

I guess in masq:

eth1 eth0 192.168.1.100


Can someone help me?
Israel Santana Alemán

Consultor Sistemas
Tfno.: +34 928 300 505 - Ext.: 6675
Avda. de los Consignatarios, s/n. 35008 - Las Palmas de GC





_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
