I'm using shorewall 4.5.5.3 on a Debian distribution. I have tried the following rule in /etc/shorewall/masq : eth0:y.y.y.y - x.x.x.x:5060 udp 5061 But on the remote system I still see the traffic coming from x.x.x.x:5061 instead of x.x.x.x:5060. I even tried to change x.x.x.x with 1.1.1.1 but I still see the traffic coming from x.x.x.x The rule gets loaded by shorewall but for some reasons it doesn't works : 11:24:48 Compiling /etc/shorewall/masq... 11:24:48 Masq record "eth0:y.y.y.y - x.x.x.x:5060 udp 5061" Compiled Any ideas ?
2018-03-23 18:34 GMT+02:00 Tom Eastep <teas...@shorewall.net>: > On 03/22/2018 10:24 PM, Andrea Bodrati wrote: >> Greetings, >> I'm trying to write the following rules in /etc/shorewall/rules but I >> can't find any reference on how to do that : >> iptables -t nat -I POSTROUTING -o eth0.0 -p udp -d y.y.y.y --sport >> 5061 -j SNAT --to-source x.x.x.x:5060 >> Basically I need to masquerade the source udp port to 5060 of all the >> packets coming from my public IP x.x.x.x port 5061 and with >> destination y.y.y.y. >> Thanks! > > Which Shorewall Version? Earlier versions use the 'masq' file for SNAT > and MASQUERADE; later versions use the 'snat' file. > > For the masq file: > > eth0:y.y.y.y - x.x.x.x:5600 udp - 5061 > > For the snat file: > > SNAT(x.x.x.x:5600) - eth0:y.y.y.y udp - 5601 > > -Tom > -- > Tom Eastep \ Q: What do you get when you cross a mobster with > Shoreline, \ an international standard? > Washington, USA \ A: Someone who makes you an offer you can't > http://shorewall.org \ understand > \_______________________________________________ > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > -- Andrea Bodrati AllTre S.r.l. Piazza De Marini, 1/24C 16123Genova (GE) PIVA 01785430990 Tel. +39 010 984.86.89 Fax. +39 010 984.86.28 bodr...@all3.biz www.all3.biz www.facebook.com/all3.biz ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
