From: Dragan J. <dr...@ju...> - 2012-09-28 18:59:45
|
On Fri, Sep 28, 2012 at 2:50 PM, Tom Eastep <te...@sh...> wrote: > On 09/28/2012 11:37 AM, Dragan Jurkovic wrote: >> Hi, >> >> I have IMAPS server which is behind firewall and accessible from >> outside by simple DNAT rule: >> >> DNAT net loc:192.168.201.X:993 tcp NNNNN >> >> NNNNN is non-standard port. >> I am havng trouble configuring shorewall to allow same access form >> inside. Even after thorough reading of DNAT documentation I am still >> puzzled. >> I tried: >> >> DNAT loc loc:192.168.201.X:993 tcp NNNNN - 192.168.201.Y >> >> in rules file where 192.168.201.X is local IMAPS server and >> 192.168.201.Y is firewall internal address. >> I even tried to add: >> >> eth0:192.168.201.X eth0 192.168.201.Y tcp NNNNN >> >> in masq file (eth0 is internal interface on firewall), but connection >> always times out. As I can see shorewall is not blocking anything, but >> packets are lost somewhere. >> Is there any way to achieve this? > > This is Shorewall FAQ 2. Thanks Tom - I did read FAQ 2 and followed it to the letter, but have no success. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ------------------------------------------------------------------------------ > Got visibility? > Most devs has no idea what their production app looks like. > Find out how fast your code is with AppDynamics Lite. > http://ad.doubleclick.net/clk;262219671;13503038;y? > http://info.appdynamics.com/FreeJavaPerformanceDownload.html > _______________________________________________ > Shorewall-users mailing list > Sho...@li... > https://lists.sourceforge.net/lists/listinfo/shorewall-users |