Hi Everyone!

I'm having problems redirecting a UDP port to an external server. My 
firewall has 4 interfaces: NET, LOC (192.168.0.0/24), 
DMZ (192.168.1.0/24), CMTC (10.0.0.0/24). On the CMTC interface I have a 
direct connection to another network using a VPN link.

I need to redirect a UDP port to one server (10.1.0.2) in the CMTC zone 
using my local IP (192.168.0.1) as gateway. I will use a local 
application to connect to 192.168.0.1:3000 (udp) and it needs to 
redirect to cmtc:10.1.0.2:3000 using the VPN link.

On an old iptables firewall, I have the following rules:

iptables -A FORWARD -p UDP -j ACCEPT
iptables -t nat -A PREROUTING -p UDP -i eth0 -s 0/0 --dport 3000 -j DNAT --to 10.1.0.2

My shorewall rule:

DNAT   loc   cmtc:10.1.0.2   udp   -   3000

The iptables rules work fine but my shorewall rule doesn't. I found out 
that the packets arrive at server 10.1.0.2 but I get no return.

I fixed it temporarily using socat:

socat -d -d udp-listen:3000,fork,reuseaddr udp-sendto:10.1.0.2:3000

Can you help me figure this out?

João K.
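For comparison, here is a complete Shorewall configuration for this kind of redirect. This is an added example, not part of the original post and not the poster's working setup. It assumes the standard Shorewall 4 rules and masq file layout, the zone names the poster lists, and that the firewall's VPN interface toward the cmtc zone is called tun0 (a placeholder; substitute the real interface). Two things are worth noting. First, in the rules file the column directly after PROTO is the destination port, and ORIGDEST limits the rule to packets addressed to 192.168.0.1 rather than to every UDP/3000 packet from loc. Second, DNAT rewrites only the destination address, so 10.1.0.2 still sees the loc host's private source address; when a server on the far side of a VPN has no route back to that network through this firewall, packets arrive but replies never return, which is the symptom described above. The masq entry makes the firewall's own VPN address the source of the redirected traffic, so replies come back to the firewall and conntrack reverses both translations.

```conf
# /etc/shorewall/rules   (added example)
# Columns: ACTION  SOURCE  DEST            PROTO  DPORT  SPORT  ORIGDEST
# Redirect UDP/3000 sent by loc hosts to the firewall's loc address
# (192.168.0.1) to the server 10.1.0.2 in the cmtc zone.
DNAT    loc     cmtc:10.1.0.2   udp    3000   -      192.168.0.1

# /etc/shorewall/masq    (added example)
# Columns: INTERFACE  SOURCE
# tun0 is a placeholder for the VPN interface facing the cmtc zone.
# Source-NAT loc traffic as it leaves toward cmtc so that 10.1.0.2 answers
# to the firewall's VPN address; conntrack then un-NATs the reply and
# delivers it to the original loc host.
tun0    192.168.0.0/24
```

After editing both files, `shorewall check` validates the syntax and `shorewall restart` applies them; `shorewall show nat` then lists the generated DNAT and MASQUERADE entries, and `conntrack -L -p udp --dport 3000` (from the conntrack-tools package) shows whether reply packets are being matched to the translated flow.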


_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users