sangprabv wrote: > Currently I have DNAT rules like here: > DNAT net loc:11.22.33.44 tcp 80 1.2.3.4 > DNAT net loc:11.22.33.44 tcp 80 1.2.3.5 > > nat: > 1.2.3.4 eth1 11.22.33.44 Create 11.22.33.45 on youe server, and add this: 1.2.3.5 eth1 11.22.33.45 and try deleting DNAT rules.
> > masq: > +eth0 eth1 > > Still can not work. > > > > Willy > > > On Sat, 2009-05-02 at 20:30 -0700, Tom Eastep wrote: >> sangprabv wrote: >>> Thanks for correction. My firewall has eth0 with IP 1.2.3.1 as the >>> public IP, and eth1 with IP 11.22.33.11 as the local IP. Currently I >>> have assigned public IP 1.2.3.4 to be handled by local IP 11.22.33.44. >>> But in other case I also want my local IP 11.22.33.44 appears to be >>> public IP 1.2.3.5 from the internet. How to do it with shorewall? TIA. >> Your question still is as clear as mud -- but: >> >> - DNAT rules in /etc/shorewall/rules override entries in /etc/shorewall/nat. >> >> - Entries in /etc/shorewall/masq that begin with '+' override entries in >> /etc/shorewall/nat. >> >> Hope that helps. >> >> -Tom >> ------------------------------------------------------------------------------ >> Register Now & Save for Velocity, the Web Performance & Operations >> Conference from O'Reilly Media. Velocity features a full day of >> expert-led, hands-on workshops and two days of sessions from industry >> leaders in dedicated Performance & Operations tracks. Use code vel09scf >> and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf >> _______________________________________________ Shorewall-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/shorewall-users > > > ------------------------------------------------------------------------------ > Register Now & Save for Velocity, the Web Performance & Operations > Conference from O'Reilly Media. Velocity features a full day of > expert-led, hands-on workshops and two days of sessions from industry > leaders in dedicated Performance & Operations tracks. Use code vel09scf > and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > ------------------------------------------------------------------------------ Register Now & Save for Velocity, the Web Performance & Operations Conference from O'Reilly Media. Velocity features a full day of expert-led, hands-on workshops and two days of sessions from industry leaders in dedicated Performance & Operations tracks. Use code vel09scf and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
