Tom Eastep wrote: > Gavin Carr wrote: >> Hi all, >> >> I'm using shorewall 4.0.13 (and the perl compiler). >> >> I need to add some arbitrary mangle rules to my iptables configuration e.g. >> >> iptables -t mangle -I PREROUTING -p udp --dport <port> -j TEE >> --gateway <ipaddr> >> >> (this is using one of the 'addon' targets in iptables 1.4.1). >> >> Is there a recommended way to add arbitrary iptables rules to shorewall? >> I was thinking I could add them via the 'start' or 'started' extension >> scripts, but wasn't sure if that was a good idea or not? Any better >> suggestions? > > There is no other supported way to add arbitrary rules in the mangle table. >
Actually, there is another way -- given that you run Shorewall-perl, you
can place this in your tcrules file:
BEGIN PERL
use Shorewall::Chains;
insert_rule( $mangle_table->{PREROUTING} , 1, '-p udp --dport 4444 -j
TEE --gateway 192.168.0.4' );
END PERL
-Tom
--
Tom Eastep \ The ultimate result of shielding men from the effects of
Shoreline, \ folly is to fill the world with fools.
Washington, USA \ -- Herbert Spencer
------------------------------------------------------------------------
http://www.shorewall.net
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
