On Fri, 24 Mar 2017 09:48:47 -0700 Tom Eastep <[email protected]> wrote:
> On 03/24/2017 09:11 AM, Nerijus Baliunas wrote: > > On Fri, 24 Mar 2017 08:51:12 -0700 Tom Eastep > > <[email protected]> wrote: > > > >> You could also insert an ACCEPT rule in the nat table in front of > >> the DNAT rule for port 443. > >> > >> iptables -t nat -I ethX_dnat -p tcp --dport 443 -j ACCEPT > >> > >> where ethX is your Internet interface. > > > > iptables -t nat -I em1_dnat -p tcp --dport 443 -j ACCEPT iptables: > > No chain/target/match by that name. > > > > You'll have to look at the nat table then and find the rule: > > shorewall show nat Thank you, iptables -t nat -I net_dnat -p tcp --dport 443 -j ACCEPT helped. But only if the rule "ACCEPT net fw tcp 443" exists. Regards, Nerijus ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
