Hi all,
I've been using SuSE and SuSEfirewall for a long time, and now I'm giving
Shorewall a try. It's a great piece of software and I have already moved
some systems to Ubuntu and Shorewall very easily, just following the docs.
But now I'm moving another system and am facing a problem that I could not
find in the docs.
How do I do MASQUERADING to a specific target?
Supose I have an internal network (192.168.0.0/24) and need to allow one or
more workstations (but not all) to Terminal services (3389/tcp) to some
specific host on the Internet?
In other words, what I need is:
iptables -A FORWARD -p tcp -s 192.168.0.x -d xxx.xxx.xxx.xxx --dport 3389 -j
ACCEPT
iptables -t NAT -A POSTROUTING -p tcp -s 192.168.0.x -d xxx.xxx.xxx.xxx
--dport 3389 -j MASQUERADE
iptables -A FORWARD -p tcp -s 192.168.0.y -d xxx.xxx.xxx.xxx --dport 3389 -j
ACCEPT
iptables -t NAT -A POSTROUTING -p tcp -s 192.168.0.y -d xxx.xxx.xxx.xxx
--dport 3389 -j MASQUERADE
iptables -A FORWARD -p tcp -s 192.168.0.z -d xxx.xxx.xxx.xxx --dport 3389 -j
ACCEPT
iptables -t NAT -A POSTROUTING -p tcp -s 192.168.0.z -d xxx.xxx.xxx.xxx
--dport 3389 -j MASQUERADE
I first would put it in masq file, but I couldn't find a way to specify the
destination address and port. Then I would put it in the rules file, but
then and cannot specify MASQ as the action.
What's the right way to do it?
By the way, I'm running Ubuntu 8.0.4 LTS and Shorewall 4.0.6.
Tnxs in advance,
Braulio W. Gergull
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
