On Tue, 2011-09-27 at 11:49 -0500, I.S.C. William wrote: > Hi .. > > I have the following code: > > /sbin/iptables -t nat -A POSTROUTING -o $INTERNA -d 130.1.0.0/16 -j > LOG --log-prefix " --out --" > > /sbin/iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o $INTERNA -d > 130.1.0.0/16 -j MASQUERADE > > how can I use to work on or turn shorewall how serious the way to put > this in shorewall code.
The second rule can be configured by adding this entry
in /etc/shorewall/masq:
$INTERNA:130.1.0.0/16 0.0.0.0/0
Shorewall doesn't support logging in the POSTROUTING chain so you will
have to configure a LOG rule in /etc/shorewall/rules that covers that
traffic.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
