ok so i added a masquerade rule for ppp0 and it works MASQUERADE 172.20.10.0/24 enp0s31f6 MASQUERADE 172.20.10.0/24 ppp0
iif think i have not understood how masquerade was evaluated, i will read doc again. Regards, Le mer. 22 avr. 2020 à 08:14, Gaétan QUENTIN <work.gaetan.quen...@gmail.com> a écrit : > Hi Tom, > > i have no control on the other side of the vpn. So i must find a solution > on my side. > > So how could i add a masquerade rule depending on destination ip only? > > Regards, > > Le mer. 22 avr. 2020 à 01:53, Tom Eastep <teas...@shorewall.net> a écrit : > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA512 >> >> On 4/21/20 4:01 PM, Gaétan QUENTIN wrote: >> > Hi, >> > >> > I don't see how. The rule should be applied only if destination is >> > in ppp0 ip routes . Masquerading works filtering source, not >> > destination. >> > >> > Or i am missing something. >> > >> You are missing the liklihood that hosts on the other end of the VPN >> don't know how to route to your local network. This can be remedied >> either by masquerading or by configuring an additional route on the >> other end of the VPN. >> >> - -Tom >> - -- >> Tom Eastep \ Q: What do you get when you cross a mobster >> Shoreline, \ with an international standard? >> Washington, USA \ A: Someone who makes you an offer you >> http://shorewall.org \ can't understand >> \________________________________________ >> -----BEGIN PGP SIGNATURE----- >> Comment: GPGTools - http://gpgtools.org >> >> iQIzBAEBCgAdFiEEFNMNR63CLO6yqbL8luaz8kI6TRAFAl6fhxYACgkQluaz8kI6 >> TRAkVA/+K6FHyd0PlUi5jvm6GqKC8hGxYfgk9NuIdXbByw8x3X1mPYfVvrZ3Vq7a >> LeSQpNj6DWWxASSbYcZoCf2qhDiNLBkIR+WQwDDf5phvVRcEz7qz/QsejM4oRGIb >> 5+nxowDSKbDsFPZ4Cy/p1x6PtVuDB+huiXTqgxm4ip+jUvtLw5ChFTZcu8Z8Yfi9 >> xUVoZkhErieyznUqktKQZKoj3BGNPT72BBJRsBfP82dfHC/Rws2w8pQ95U8tMxu7 >> BuYXrvM+ePiqtegVxUt4mzTb51YbWu80i2nMITeK8k+vqfIYFLJfaiknr+0UfEYp >> yWdGs+Xx+UbCp/T/fvJyBs0K3S1OVQLPsYzBCL6Gs97OeKICHECbKhGjkGlIXeVt >> 8q6RNQoPvvXqW1Ur7797GVx27nnfp3jgTA2/w4Vj3sHi4FSu06KRpPD+7OGNP3RN >> fF6Vfp5OLkSG4VsTu+OgMaYJ6U5PwMicU+NMUBeX7bnxigL8hwOpeMj81hd5A/oW >> y7sm4urXSasgVIml6X/2QTjWQewQ6ntFLnxMPzTFp37JLwxbdpF92MQ+2mF0SczG >> 6c+ybrf0OzGDVSkUEiBGvh5fULgovNxNQ+xDCXsejLAVDbJHsF81id3pF2DHLykx >> vn3jc7YkVTgQCj6BVk/PaleRJeGM7ZH+So/2/LXAr0S+snUGX/s= >> =ZQjA >> -----END PGP SIGNATURE----- >> >> >> _______________________________________________ >> Shorewall-users mailing list >> Shorewall-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/shorewall-users >> >
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
