On Thu, 23 Jan 2014, Timothy Murphy wrote:
>
> I'm trying to setup shorewall
> to allow me to ssh in from a remove computer I own.
> I have added the lines
> DNAT net loc:192.168.1.2:22 tcp 2097
> DNAT loc loc:192.168.1.2:22 tcp 2097
> to /etc/shorewall/rules, and re-started shorewall.
> (I've modified the incoming port in the lines above.)
> My modem/router accepts incoming calls on this port.
> Is there anything else I should do?
I don't understand why you need to DNAT the traffic.
If you have configured your router (also the standard alice), to forward
incoming connection on port 2097 to a local 192.168.1.22:22, for my
experience you only need to open ssh access in your host.
In similar conf I simply use:
ACCEPT net $FW tcp 22
--
Regards,
Paolo
____________________________________________
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
