On 11/29/2013 5:14 AM, Angela Williams wrote: > Hi All! > > I have a happy shorewall user who needs something that should quite > simple but for the life of me I just cannot figure it out! Well other > than a snat rule! > > Two users on the internal network need to make RDP connections to the > parent companies Terminal Server on a non standard port. Needless to say > the two external ip address they will be allocated are available and > they will both connect to the same remote ip address! > > Two internal user are 192.168.1.101 and 192.168.1.193 and need to snat > out on ip's 206.205.204.203 and 206.205.204.204 respectively and be > limited to access port 3399 on remote ip 223.224.225.226 > > The customer is out in the boon-docks and only has a 1M internet > connection and with over 200 users bandwidth is tight. Normal masq is > limited to a few users. I have two simple nat rules that allow two > server unrestricted access. The rest of the user are controlled through > squid. > > All ideas of how to achieve the above would be welcomed!
/etc/shorewall/rules:
ACCEPT loc:192.168.1.101,192.168.1.193 net:<RDP ip> tcp 3399
/etc/shorewall/masq
<external if>:<RDP ip> 192.168.1.101 206.205.204.203
<external if>:<RDP ip> 192.168.1.193 206.205.204.204
Where:
<external if> is the firewall's external interface
<RDP ip> is the IP address of the RDP server
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
