On Mon, 2011-08-29 at 21:04 +1000, Dave Kempe wrote: > > Any pointers? have I missed something obvious. I know the logmsg says > cust2fw, but I assume thats because the DNAT is failing to add and > accompanying ACCEPT rule for the ipset.
The DNAT is not occurring, so the connection is being sent down the cust2fw chain. Note that the destination address is still XXX.XXX.XXX.XX and the dest port is 2222. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ EMC VNX: the world's simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
