In the old days, the DNAT rule parameter:
# ORIGINAL DEST (0ptional -- only allowed if ACTION is DNAT[-] or
<<<SNIP>>>
# The address (list) may optionally be followed by
# a colon (":") and a second IP address. This causes
# Shorewall to use the second IP address as the source
# address in forwarded packets. See the Shorewall
# documentation for restrictions concerning this feature.
# If no source IP address is given, the original source
# address is not altered.
It was VERY easy to change the source address of that DNAT connection.
DNAT net loc:$PRINTER-INTERNAL:443 tcp https -
$PRINTER-EXTERNAL:$FW-ETH1-INTERNAL
In current version, what the EASY approach ?
Thanks.
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
