> rule: video/ACCEPT   net    loc:192.168.0.18
You need a DNAT, not an accept.

  Why I need use DNAT? others rules no need to do that

Prasanna Krishnamoorthy <[EMAIL PROTECTED]> 說:
  On 10/26/07, Wilson Kwok wrote:
> Hello,
>
> We have a video conference server using tcp and udp 3001 prot in
> internal,
> external user said that can't connect to video server and held on 3001 fail,
> the following is file configuration,
>
> nat: 1.2.3.4 eth1:3 192.168.0.18
Is this some form of masq rule in the shorewall masq file?

> rule: video/ACCEPT net loc:192.168.0.18
You need a DNAT, not an accept.

And I'd write it as

DNAT net loc:192.168.0.18 tcp 3000,3002...

Prasanna.
>
> marco.video:
>
> PARAM - - tcp 3000
> PARAM - - udp 3000
> PARAM - - tcp 3001
> PARAM - - udp 3001
> PARAM - - tcp 3003
> PARAM - - udp 3003
> PARAM - - tcp 3005
> PARAM - - udp 3005
> PARAM - - tcp 3009
> PARAM - - udp 3009
> PARAM - - tcp 8080
>
>
>
>
> ________________________________
> 對Yahoo! Mail 有任何意見或建議,請 聯絡我們
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>


-- 
www.elinanetworks.com
Seamless, secure delivery of applications.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> 
http://get.splunk.com/_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users


       
---------------------------------
對Yahoo! Mail 有任何意見或建議,請 聯絡我們 
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to