extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-20 09:47:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add SNAT action example to the Actions article

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2016-10-25 10:57:32 -07:00
parent fdfd8b919b
commit ee8ffc3ceb
No known key found for this signature in database
GPG Key ID: 96E6B3F2423A4D10
1 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
docs/Actions.xml
View File

@ -1078,7 +1078,7 @@ Divert - - tcp - 80</programlisti
<section> <section>
<title>SNAT Actions</title> <title>SNAT Actions</title>
<para>Beginning with Shorewall 5.0.13, actions are supported in <ulink <para>Beginning with Shorewall 5.0.14, actions are supported in <ulink
url="manpages/shorewall-snat.html">shorewall-snat(5</ulink>); that file url="manpages/shorewall-snat.html">shorewall-snat(5</ulink>); that file
supercedes <ulink supercedes <ulink
url="manpages/shorewall-masq.html">shorewall-masq(5)</ulink> which is url="manpages/shorewall-masq.html">shorewall-masq(5)</ulink> which is
@ -1113,5 +1113,43 @@ Divert - - tcp - 80</programlisti
</orderedlist> </orderedlist>
<para>Both regular and inline actions are supported.</para> <para>Both regular and inline actions are supported.</para>
<para>Example:</para>
<para><filename>/etc/shorewall/actions</filename>:</para>
<programlisting>#ACTION OPTIONS
custEPTs nat,inline</programlisting>
<para><filename>/etc/shorewall/action.custEPTs</filename>:</para>
<programlisting>#ACTION SOURCE DEST PROTO PORT
SNAT($GW_IP) { proto=udp port=1146 }
SNAT($GW_IP) { proto=tcp port=1156,7221,21000 }
</programlisting>
<para><filename>/etc/shorewall/snat</filename>:</para>
<programlisting>ACTION SOURCE DEST PROTO PORT
custEPTs { source=$EPT_LIST dest=$IF_NET:$EPT_SERVERS }</programlisting>
<para>More effeciently:</para>
<para><filename>/etc/shorewall/actions</filename>:</para>
<programlisting>#ACTION OPTIONS
custEPTs nat</programlisting>
<para><filename>/etc/shorewall/action.custEPTs</filename>:</para>
<programlisting>#ACTION SOURCE DEST PROTO PORT
SNAT($GW_IP) { proto=udp port=1146 }
SNAT($GW_IP) { proto=tcp port=1156,7221,21000 }
</programlisting>
<para><filename>/etc/shorewall/snat</filename>:</para>
<programlisting>ACTION SOURCE DEST PROTO PORT
custEPT { source=$EPT_LIST dest=$IF_NET:$EPT_SERVERS }</programlisting>
</section> </section>
</article> </article>