"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "configfiles/snat.annotated" between
shorewall6-5.2.7.tar.bz2 and shorewall6-5.2.8.tar.bz2

About: Shorewall (The Shoreline Firewall) is an iptables based firewall Requires the Shorewall package and adds the capability to create an IPv6 firewall.

snat.annotated  (shorewall6-5.2.7.tar.bz2):snat.annotated  (shorewall6-5.2.8.tar.bz2)
skipping to change at line 116 skipping to change at line 116
# Example: 206.124.146.177-206.124.146.180 # Example: 206.124.146.177-206.124.146.180
# #
# You may follow the port range (or :random) with :persistent. This is # You may follow the port range (or :random) with :persistent. This is
# only useful when an address range is specified and causes a client to # only useful when an address range is specified and causes a client to
# be given the same source/destination IP pair. # be given the same source/destination IP pair.
# #
# You may also use the special value detect which causes Shorewall to # You may also use the special value detect which causes Shorewall to
# determine the IP addresses configured on the interface named in the # determine the IP addresses configured on the interface named in the
# DEST column and substitute them in this column. # DEST column and substitute them in this column.
# #
# Finally, you may also specify a comma-separated list of ranges and/or
# addresses in this column.
#
# DNS Names names are not allowed. # DNS Names names are not allowed.
# #
# Normally, Netfilter will attempt to retain the source port number. You # Normally, Netfilter will attempt to retain the source port number. You
# may cause netfilter to remap the source port by following an address o r # may cause netfilter to remap the source port by following an address o r
# range (if any) by ":" and a port range with the format lowport-highpor t # range (if any) by ":" and a port range with the format lowport-highpor t
# . If this is done, you must specify "tcp", "udp", "dccp" or "stcp" in # . If this is done, you must specify "tcp", "udp", "dccp" or "stcp" in
# the PROTO column. # the PROTO column.
# #
# Examples: # Examples:
# #
skipping to change at line 472 skipping to change at line 469
# IPv4 Example 5: # IPv4 Example 5:
# #
# Connections leaving on eth0 and destined to any host defined in the ipset # Connections leaving on eth0 and destined to any host defined in the ipset
# myset should have the source IP address changed to 206.124.146.177. # myset should have the source IP address changed to 206.124.146.177.
# #
# #ACTION SOURCE DEST # #ACTION SOURCE DEST
# SNAT(206.124.146.177) - eth0:+myset[dst] # SNAT(206.124.146.177) - eth0:+myset[dst]
# #
# IPv4 Example 6: # IPv4 Example 6:
# #
# SNAT outgoing connections on eth0 from 192.168.1.0/24 in round-robin # SNAT outgoing connections on eth0 from 192.168.1.0/24 randomly to addresse
# fashion between addresses 1.1.1.1, 1.1.1.3, and 1.1.1.9 (Shorewall 4.5.9 s
# and later). # 1.1.1.1, 1.1.1.3, and 1.1.1.9 (Shorewall 5.0.0 and later).
#
# /etc/shorewall/tcrules:
#
# #ACTION SOURCE DEST PROTO DPORT SPORT
USER TEST
# 1-3:CF 192.168.1.0/24 eth0 ; state=NEW
# #
# /etc/shorewall/snat: # /etc/shorewall/snat:
# #
# #ACTION SOURCE DEST # #ACTION SOURCE DEST
# SNAT(1.1.1.1) 192.168.1.0/24 eth0 { mark=1:C } # SNAT(1.1.1.1) 192.168.1.0/24 eth0 { probability=0.33 }
# SNAT(1.1.1.3) 192.168.1.0/24 eth0 { mark=2:C } # SNAT(1.1.1.3) 192.168.1.0/24 eth0 { probability=0.50 }
# SNAT(1.1.1.9) 192.168.1.0/24 eth0 { mark=3:C } # SNAT(1.1.1.9) 192.168.1.0/24 eth0
# #
# IPv6 Example 1: # IPv6 Example 1:
# #
# You have a simple 'masquerading' setup where eth0 connects to a DSL or # You have a simple 'masquerading' setup where eth0 connects to a DSL or
# cable modem and eth1 connects to your local network with subnet # cable modem and eth1 connects to your local network with subnet
# 2001:470:b:787::0/64 # 2001:470:b:787::0/64
# #
# Your entry in the file will be: # Your entry in the file will be:
# #
# #ACTION SOURCE DEST # #ACTION SOURCE DEST
 End of changes. 3 change blocks. 
15 lines changed or deleted 6 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)