On 5/12/19 10:08 AM, Tom Eastep wrote: > On 5/12/19 9:19 AM, John Hill wrote: >> Thanks You Tom >> Thanks again for Shorewall. >> > > You're most welcome. > > You can eliminate this problem as follows. > > Suppose that your current DNAT rule is: > > DNAT:NFLOG(xxx) net loc:192.168.0.4:22 tcp 1022 - 70.90.191.124 > > You can rewrite this rule as: > > DNAT- net loc:192.168.0.4:22 tcp 1022 - 70.90.191.124 > ACCEPT:NFLOG(yyy) net loc:192.168.0.4:22 tcp 22 - 70.90.191.124 >
Oops -- make that: DNAT- net loc:192.168.0.4:22 tcp 1022 - 70.90.191.124 ACCEPT:NFLOG(yyy) net loc:192.168.0.4 tcp 22 - 70.90.191.124 Copy paste error :-( -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
