James Gray wrote:
> Hi All,
>
> We currently have two ISPs set up using QoS and other goodies being managed
> by Shorewall 4.0.4-1 (Perl). Everything is working nicely. However, we
> would like to port forward (destination NAT) a range of ports for one ISP
> only. The other ISP should not allow those specific ports to be forwarded.
>
> I've searched the documentation, but can't seem to find the correct syntax to
> achieve the desired result.
>
> My /etc/shorewall/interfaces file looks like this:
>
> #ZONE   INTERFACE   BROADCAST   OPTIONS
> lan     $LAN_IF     detect      routeback
> dmz1    $DMZ1_IF    detect      -
> dmz2    $DMZ2_IF    detect      -
> net     $NET_IF1    detect      $NET1_OPTIONS
> net     $NET_IF2    detect      $NET2_OPTIONS
>
> So, any takers? Any further info required?
>
> Cheers,

Use the "ORIGINAL DEST" column with your DNAT rule in the rules file, with the
IP from the provider that you wish to use as the "ORIGINAL DEST". See
man shorewall-rules for more info.

Jerry

_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
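
The kind of rule the reply describes, as an added example that is not part of the original thread. The destination zone `dmz1` is taken from the interfaces file above; the server address `192.0.2.10`, the port range `5000:5010` and the provider address `198.51.100.5` are constructed placeholders.

```conf
# /etc/shorewall/rules
#ACTION  SOURCE  DEST              PROTO  DEST PORT(S)  SOURCE PORT(S)  ORIGINAL DEST

# Without ORIGINAL DEST the rule is not tied to either provider's address.
# Both uplinks are in the "net" zone, so this form does not separate them:
#DNAT    net     dmz1:192.0.2.10   tcp    5000:5010

# With ORIGINAL DEST set to the public IP assigned by the chosen provider
# (placeholder), only connections addressed to that IP are forwarded:
DNAT     net     dmz1:192.0.2.10   tcp    5000:5010     -               198.51.100.5
```

Running `shorewall check` before restarting confirms that the rules file still parses.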
