On 03/27/2018 10:01 AM, Farkas Levente wrote: > hi, > we've got an old and a new server. each has one single public eth0 > interface on the net. i'd like to forward all traffic from the old > server's 12345 port to the new server's 12345 port. how can i do that > with shorewall (actually shorewall-lite)? > i'd have to add a DNAT rules to the PREROUTING table but if i put a DNAT > rule into the rules file the result will be in the POSTROUTING table. ie > i'm not able to put anything in the PREROUTING. if i put a line into the > nat file than i can't add a port. > so is it possible with shorewall or should i've to manually add iptable > rules?
DNAT entries in the rules file generate a DNAT rule in the PREROUTING table and an ACCEPT rule in the filter table. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
