doc:appunti:linux:sa:iptables
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
| doc:appunti:linux:sa:iptables [2020/06/15 10:45] – [Shorewall with router in local LAN] niccolo | doc:appunti:linux:sa:iptables [2020/11/23 15:27] – [Shorewall and DNAT onto a local host] niccolo | ||
|---|---|---|---|
| Line 40: | Line 40: | ||
| A web server is reachable from the internet onto a local host (**192.168.1.5**) via a DNAT rule, local hosts want to use the public address (**130.151.100.69**) to reach the d-natted server. Traffic will be masqueraded by the firewall with its address (**192.168.1.254**) on the local LAN (**eth0**, **192.168.1.0/ | A web server is reachable from the internet onto a local host (**192.168.1.5**) via a DNAT rule, local hosts want to use the public address (**130.151.100.69**) to reach the d-natted server. Traffic will be masqueraded by the firewall with its address (**192.168.1.254**) on the local LAN (**eth0**, **192.168.1.0/ | ||
| - | In '' | + | In **/ |
| < | < | ||
| Line 47: | Line 47: | ||
| </ | </ | ||
| - | In '' | + | For Shorewall 5 we nedd a line in **/ |
| + | |||
| + | < | ||
| + | # | ||
| + | SNAT(192.168.1.254) | ||
| + | </ | ||
| + | |||
| + | Shorewall 4 instead requires a line in **/ | ||
| < | < | ||
| Line 54: | Line 61: | ||
| </ | </ | ||
| - | In '' | + | In **/ |
| < | < | ||
| Line 63: | Line 70: | ||
| </ | </ | ||
| + | Port translating from outside to inside is handled only in **/ | ||
| ===== Shorewall with router in local LAN ===== | ===== Shorewall with router in local LAN ===== | ||
doc/appunti/linux/sa/iptables.txt · Last modified: 2020/11/23 15:28 by niccolo