On 8/4/10 2:15 AM, lanas wrote: > > Are there howtos out there about how to configure the different > NAT cones using Shorewall ? - Thanks ! >
No. I rarely encounter the "cone" terminology among Linux users; I can recall only one other time in the last nine years when someone used that terminology on this list. The master Shorewall documentation index may be found at http://www.shorewall.net/Documentation_Index.html. A number of articles there deal with various NAT issues: - The multi-interface HOWTOs linked from "Beginner Documentation". - DNAT - Masquerading - Network Mapping - One-to-One NAT and Static NAT (Point to same document) - Port Forwarding - FAQs (There is a "Port Forwarding" section that covers various topics such as "hairpinning"). The shorewall-masq (5), shorewall-nat (5), shorewall-netmap (5) and shorewall-rules (5) manpages should also be helpful. In general in Netfilter, all forms of SNAT (configured in /etc/shorewall/masq) require that a local client first send a packet before a response is accepted; responses are accepted only from the target of the outgoing packet. DNAT- and REDIRECT- rules in /etc/shorewall/rules enable incoming packets to have their destination address and/or destionation port to be rewritten. In this case, outgoing responses are enabled by the first incoming packet. Entries in /etc/shorewall/nat enable both forms. Entries in /etc/shorewall/netmap enable SNAT or DNAT on an entire subnet. Hope this helps. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
