2002-05-01 01:13:15 +02:00
|
|
|
#
|
2006-10-05 02:04:59 +02:00
|
|
|
# Shorewall version 3.3 - Nat File
|
2002-05-01 01:13:15 +02:00
|
|
|
#
|
|
|
|
|
# /etc/shorewall/nat
|
|
|
|
|
#
|
2003-11-24 20:08:43 +01:00
|
|
|
# This file is used to define one-to-one Network Address Translation
|
|
|
|
|
# (NAT).
|
2002-05-01 01:13:15 +02:00
|
|
|
#
|
|
|
|
|
# WARNING: If all you want to do is simple port forwarding, do NOT use this
|
2005-08-02 18:46:30 +02:00
|
|
|
# file. See http://www.shorewall.net/FAQ.htm#faq1. Also, in most
|
2003-11-24 20:08:43 +01:00
|
|
|
# cases, Proxy ARP is a better solution that one-to-one NAT.
|
2002-05-01 01:13:15 +02:00
|
|
|
#
|
2005-08-02 18:46:30 +02:00
|
|
|
# Columns are:
|
2002-05-01 01:13:15 +02:00
|
|
|
#
|
|
|
|
|
# EXTERNAL External IP Address - this should NOT be the primary
|
|
|
|
|
# IP address of the interface named in the next
|
2002-09-25 01:13:36 +02:00
|
|
|
# column and must not be a DNS Name.
|
2005-07-09 07:45:05 +02:00
|
|
|
#
|
2006-10-10 17:25:36 +02:00
|
|
|
# If you put COMMENT in this column, the rest of the
|
|
|
|
|
# line will be attached as a comment to the Netfilter
|
|
|
|
|
# rule(s) generated by the next entry in the file.
|
|
|
|
|
# The comment will appear delimited by "/* ... */"
|
|
|
|
|
# in the output of "shorewall show nat"
|
|
|
|
|
#
|
2006-04-07 18:11:19 +02:00
|
|
|
# INTERFACE Interface that has the EXTERNAL address.
|
|
|
|
|
# If ADD_IP_ALIASES=Yes in shorewall.conf, Shorewall
|
|
|
|
|
# will automatically add the EXTERNAL address to this
|
|
|
|
|
# interface. Also if ADD_IP_ALIASES=Yes, you may
|
2003-02-23 15:10:37 +01:00
|
|
|
# follow the interface name with ":" and a digit to
|
2003-01-24 20:42:23 +01:00
|
|
|
# indicate that you want Shorewall to add the alias
|
|
|
|
|
# with this name (e.g., "eth0:0"). That allows you to
|
2003-01-24 23:47:22 +01:00
|
|
|
# see the alias with ifconfig. THAT IS THE ONLY THING
|
|
|
|
|
# THAT THIS NAME IS GOOD FOR -- YOU CANNOT USE IT
|
|
|
|
|
# ANYWHERE ELSE IN YOUR SHORWALL CONFIGURATION.
|
2005-07-09 07:45:05 +02:00
|
|
|
#
|
|
|
|
|
# If you want to override ADD_IP_ALIASES=Yes for a
|
|
|
|
|
# particular entry, follow the interface name with
|
|
|
|
|
# ":" and no digit (e.g., "eth0:").
|
2002-09-25 01:13:36 +02:00
|
|
|
# INTERNAL Internal Address (must not be a DNS Name).
|
2005-07-09 07:45:05 +02:00
|
|
|
#
|
2005-08-02 18:46:30 +02:00
|
|
|
# ALL INTERFACES If Yes or yes, NAT will be effective from all hosts.
|
|
|
|
|
# If No or no (or left empty) then NAT will be effective
|
|
|
|
|
# only through the interface named in the INTERFACE
|
|
|
|
|
# column
|
2005-07-09 07:45:05 +02:00
|
|
|
#
|
2005-08-02 18:46:30 +02:00
|
|
|
# LOCAL If Yes or yes, NAT will be effective from the firewall
|
|
|
|
|
# system
|
2005-07-09 07:45:05 +02:00
|
|
|
#
|
|
|
|
|
# For additional information, see http://shorewall.net/NAT.htm
|
2005-08-02 18:46:30 +02:00
|
|
|
#
|
|
|
|
|
###############################################################################
|
2005-07-09 07:45:05 +02:00
|
|
|
#EXTERNAL INTERFACE INTERNAL ALL LOCAL
|
2003-08-14 23:41:55 +02:00
|
|
|
# INTERFACES
|
2002-05-01 01:13:15 +02:00
|
|
|
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
|
