From ee8ffc3cebfa68caa73df780d785fe0c5e93ef93 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Tue, 25 Oct 2016 10:57:32 -0700 Subject: [PATCH] Add SNAT action example to the Actions article Signed-off-by: Tom Eastep --- docs/Actions.xml | 40 +++++++++++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/docs/Actions.xml b/docs/Actions.xml index 0a6e55728..45bd44d43 100644 --- a/docs/Actions.xml +++ b/docs/Actions.xml @@ -1078,7 +1078,7 @@ Divert - - tcp - 80 SNAT Actions - Beginning with Shorewall 5.0.13, actions are supported in Beginning with Shorewall 5.0.14, actions are supported in shorewall-snat(5); that file supercedes shorewall-masq(5) which is @@ -1113,5 +1113,43 @@ Divert - - tcp - 80 Both regular and inline actions are supported. + + Example: + + /etc/shorewall/actions: + + #ACTION OPTIONS +custEPTs nat,inline + + /etc/shorewall/action.custEPTs: + + #ACTION SOURCE DEST PROTO PORT +SNAT($GW_IP) { proto=udp port=1146 } +SNAT($GW_IP) { proto=tcp port=1156,7221,21000 } + + + /etc/shorewall/snat: + + ACTION SOURCE DEST PROTO PORT +custEPTs { source=$EPT_LIST dest=$IF_NET:$EPT_SERVERS } + + More effeciently: + + /etc/shorewall/actions: + + #ACTION OPTIONS +custEPTs nat + + /etc/shorewall/action.custEPTs: + + #ACTION SOURCE DEST PROTO PORT +SNAT($GW_IP) { proto=udp port=1146 } +SNAT($GW_IP) { proto=tcp port=1156,7221,21000 } + + + /etc/shorewall/snat: + + ACTION SOURCE DEST PROTO PORT +custEPT { source=$EPT_LIST dest=$IF_NET:$EPT_SERVERS }