On 05/04/2018 05:08 AM, Huy Bui wrote: > Hi > I am trying to set up SNAT so that smtp traffic from my dmz will have a > source of a certain ip address and the rest can use the default on eth0 > However I keep getting the error > > Preparing iptables-restore input... > Running /sbin/iptables-restore ... > iptables-restore: line 39 failed > ERROR: iptables-restore Failed. Input is in > /var/lib/shorewall/.iptables-restore-input > > Here's the content of my /etc/shorewall/snat > > # > # Shorewall -- /etc/shorewall/snat > # > # For information about entries in this file, type "man shorewall-snat" > # > # See http://shorewall.net/manpages/shorewall-snat.html > <http://shorewall.net/manpages/shorewall-snat.html> for more information > # > ################################################################################ > #ACTION SOURCE DEST PROTO PORT > #MASQUERADE 192.168.10.0/24 <http://192.168.10.0/24> eth0 > #MASQUERADE 192.168.11.0/24 <http://192.168.11.0/24> eth0 > SNAT(192.168.0.253) 192.168.1.0/24 <http://192.168.11.0/24> > eth0 tcp smtp > SNAT( 192.168.0.254) 192.168.1.0/24 <http://192.168.11.0/24> eth0 > > If I commented out the SNAT lines and un-commented the Masquerade lines > then shorewall can start OK > Please help. > Thank you in advance
What do you see in the system log when this occurs? -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
