-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 03/24/2017 10:19 AM, Nerijus Baliunas wrote: > On Fri, 24 Mar 2017 09:48:47 -0700 Tom Eastep > <[email protected]> wrote: > >> On 03/24/2017 09:11 AM, Nerijus Baliunas wrote: >>> On Fri, 24 Mar 2017 08:51:12 -0700 Tom Eastep >>> <[email protected]> wrote: >>> >>>> You could also insert an ACCEPT rule in the nat table in >>>> front of the DNAT rule for port 443. >>>> >>>> iptables -t nat -I ethX_dnat -p tcp --dport 443 -j ACCEPT >>>> >>>> where ethX is your Internet interface. >>> >>> iptables -t nat -I em1_dnat -p tcp --dport 443 -j ACCEPT >>> iptables: No chain/target/match by that name. >>> >> >> You'll have to look at the nat table then and find the rule: >> >> shorewall show nat > > Thank you, iptables -t nat -I net_dnat -p tcp --dport 443 -j > ACCEPT helped. But only if the rule "ACCEPT net fw tcp 443" > exists. >
'open' will add an equivalent rule. - -Tom - -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.net \________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJY1WMRAAoJEJbms/JCOk0Qbn4P/RIAL88jf9ppYYoJHRyw9l2n Hmya4sRrv9RQZeXEQ0B8aoy8/mXGQ4jFrqkmAN/PuFLuTrkOHmnngb7zepIfhE8Z wsr2Sc1IdAL3vJwMzfS6dFNZj4E7pMrL14mw+c6DPsEcTyIAGnrnNE/Fj7PWgtNg SF3bzLEPUeyAFnOZsCxkiZW3jIIKu2aFKUo6S4mkhKQduDMdbuzKDWcATEP6+iAy Nb/zPm06TAjuGgTE/4aHWVrcXITa0O0aLyM9Bue/mHqPXjiZSA1OF8dVj7wxYSln weR4vrZyOpXkvlN5wseKOnT/8EQlHxO9yL7jXYxoPeM/sFi15h2fpF/SKDcu0qlU cY9NesMCtlptoaS45Xwybx5WL4R/xTNVa62nkvIHpkuqSxsJ1dzq14+tg5vmwh+r K/EwQWo3kW+MnHQXYBMyILDhr3fTUA9DYff1RQhotfHR/itMtAAcYtUiwGhDxyxQ A44n7scuX1UZvd22OBXsWtwLVy/MKyBfOkiL68kdNdgpUS/I2dy5Co6tX350Hv3M szFXsFR9vMthyNk4N66EQ5uMTHXQFpLqc8jx+bal5nCd32V/CJECx7xvTkA3QbG3 nCzNOPXJKvv+nof+feFQhOcQy0sbWdxXarDwl9+oN1So+wBcB5b446DFHBCP5S6/ QSktzpA5ufErw13HJICd =bimx -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
