Dear list, Trying to setup a firewall with two isp links (eth1, eth2) and one internal interface (eth0). All the information and guidelines in the MultipleISP-document are followed. But when I issue 'shorewall restart' the process halts with the following message:
Setting up Masquerading/SNAT... iptables v1.3.6: Need TCP or UDP with port specification Try `iptables -h' or 'iptables --help' for more information. ERROR: Command "/sbin/iptables -t nat -A eth1_masq -s 89.98.247.0/24 -d 0.0.0.0/0 -j MASQUERADE --to-ports eth1" Failed I run the latest shorewall 3.4.4, freshly downloaded and installed this morning. My /etc/shorewall/masq file looks like: # cross-connection-masq eth1 $ETH2_IP $ETH1_IP eth2 $ETH1_IP $ETH2_IP The variables are setup in /etc/shorewall/params: ETH1_IP=($find_first_interface_address eth1) ETH2_IP=($find_first_interface_address eth2) The syntax of the iptables-command is wrong, but I can't figure out why Shorewall issues its commands this way. Off course, when this basic setup gets trough, entries have to be added to masq traffic from the local network etc. Any ideas on this one? -- Best regards, Sjon Wijnolst ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
