I tried with this , was getting error . DNAT any:eth2:0.0.0.0/0 any:8.8.8.8 icmp - - 1.1.1.1/32 ERROR: Source Interface (eth2) not allowed when the SOURCE is the firewall /etc/shorewall/rules (line 21)
So, I believe when we use interface, I have to specify its zone like the below, which does not through any error. I was looking for a way to use any and use the interface name. DNAT inet:eth2:0.0.0.0/0 any:8.8.8.8 icmp - - 1.1.1.1/32 Regards, Naveen On Thu, Jan 17, 2019 at 4:41 PM Justin Pryzby <pry...@telsasoft.com> wrote: > On Thu, Jan 17, 2019 at 04:02:13PM -0800, Naveen Neelakanta wrote: > > Hi Tom, > > > > I have the below DNAT rule working, but I want to apply this rule only > for > > a specific interface, > > can we achieve that? > > > > DNAT any:0.0.0.0/0 any:8.8.8.8 icmp - - > 1.1.1.1/32 > > It says: > http://shorewall.net/manpages/shorewall-rules.html > > SOURCE - source-spec[,...] > Source hosts to which the rule applies. > source-spec is one of the following: > .... > zone:interface > ... > > > -- > Justin Pryzby > System Administrator > Telsasoft > +1-952-707-8581 > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
