Am Freitag, 4. Oktober 2019, 22:22:15 CEST schrieb Timo Sigurdsson:
> Hi Andreas,
>
> Andreas Günther schrieb am 04.10.2019 08:41 (GMT +02:00):
> > Hi,
> >
> > I want to use IPv6 addresses externally and IPv4 with 192.168.1.0/24
> > internally on virtual machines in an internal network.
>
> <SNIP>
>
> > 2) How do I do port forwarding or NAT for e.g. SMTP on incoming
> > 2a03: 6500: 5ca: 45a :: 3 to 192.168.1.3
> > so that I get SSH and SMPT from the outside (IPv6) to inside (IPv4)?
>
> I can't answer your question directly as I don't have any experience with
> NAT64 mechanisms. But what I found pretty easy to set up is IPv6 NAT. I
> have one machine that does not get a larger global IPv6 prefix that it
> could use to assign addresses to downstream (virtual) interfaces. So
> instead I use unique local unicast addresses (ULA fd00::/8) for the
> downstream interfaces and NAT to translate between the global 2000::/3
> addresses and the internal fd00::/8 addresses. That works quite well and
> the same way as IPv4 NAT in shorewall. A rule in /etc/shorewall6/snat might
> look like this (where "enp1s0" is your external interface): MASQUERADE
> fd1a:2401:185a:ea93::/64 enp1s0
>
> And then you'd have to configure port forwarding just like IPv4. Maybe this
> helps.
>
>
> Cheers,
>
> Timo
Thanks Timo,
I think this help me on that part.
The other part here
>> 1) In /usr/share/shorewall6/ I only like macros
>> macro.mDNS, macro.mDNSbi, macro.Ping, macro.Trcrt
>> It is possible to use the macros at /usr/share/shorewall/ like
>> macro.SMTP, macro.Sieve, macro.HTTPS at shorewall6 too?
I don't know why there aren't macro.templats build. Should you build your own
macros like the patterns of IPv4 macros?
Thanks for your anwsers,
Andreas
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
