Hi Tom, Thanks for the reply.
Indeed the rule does not work, but you did get what I meant :) Your sugestion is not really waht I'm looking for. Altough I could do it that way, I would prefer to have a way put a rule on the POSTROUTING table, or in this case de eth0_masq CHAIN to ACCEPT some specific traffic, jumping over the masquerade. like : /etc/shorewall/masq eth0 10.1.6.0/24,10.0.0.0/24,10.0.6.0/23,10.1.1.0/24,10.5.0.0/24 and generate this: eth0_masq - [0:0] -A POSTROUTING -o eth0 -j eth0_masq -A eth0_masq -s 10.1.6.0/24 -d 192.168.1.0/24 -j ACCEPT <- this is the rule I don't know how to create in the shorewall -A eth0_masq -s 10.1.6.0/24 -j MASQUERADE -A eth0_masq -s 10.0.0.0/24 -j MASQUERADE -A eth0_masq -s 10.0.6.0/23 -j MASQUERADE -A eth0_masq -s 10.1.1.0/24 -j MASQUERADE -A eth0_masq -s 10.5.0.0/24 -j MASQUERADE regards, Duarte Rocha
signature.asc
Description: This is a digitally signed message part.
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
