Hello,

I left the rule

    DNAT net loc:10.10.10.12 tcp 443

in shorewall/rules, but I do:

    iptables -D net-loc -p tcp -d 10.10.10.12 --dport 443 -j ACCEPT

so that the rule is deleted before trying to open port 443 on fw itself. I test with a browser, and I am no longer forwarded to 10.10.10.12.

Then I run shorewall open all 81.x.x.x tcp 443:

    Firewall dynamically opened for connections from all to 81.x.x.x tcp port 443

iptables -L -n shows a new rule in chain dynamic:

    Chain dynamic (10 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  0.0.0.0/0            81.x.x.x            tcp dpt:443

But the browser times out; it does not connect to apache running on fw.

Regards,
Nerijus
