# # Shorewall version 3.3 - Nat File # # /etc/shorewall/nat # # This file is used to define one-to-one Network Address Translation # (NAT). # # WARNING: If all you want to do is simple port forwarding, do NOT use this # file. See http://www.shorewall.net/FAQ.htm#faq1. Also, in most # cases, Proxy ARP is a better solution that one-to-one NAT. # # Columns are: # # EXTERNAL External IP Address - this should NOT be the primary # IP address of the interface named in the next # column and must not be a DNS Name. # # If you put COMMENT in this column, the rest of the # line will be attached as a comment to the Netfilter # rule(s) generated by the next entry in the file. # The comment will appear delimited by "/* ... */" # in the output of "shorewall show nat" # # INTERFACE Interface that has the EXTERNAL address. # If ADD_IP_ALIASES=Yes in shorewall.conf, Shorewall # will automatically add the EXTERNAL address to this # interface. Also if ADD_IP_ALIASES=Yes, you may # follow the interface name with ":" and a digit to # indicate that you want Shorewall to add the alias # with this name (e.g., "eth0:0"). That allows you to # see the alias with ifconfig. THAT IS THE ONLY THING # THAT THIS NAME IS GOOD FOR -- YOU CANNOT USE IT # ANYWHERE ELSE IN YOUR SHORWALL CONFIGURATION. # # If you want to override ADD_IP_ALIASES=Yes for a # particular entry, follow the interface name with # ":" and no digit (e.g., "eth0:"). # INTERNAL Internal Address (must not be a DNS Name). # # ALL INTERFACES If Yes or yes, NAT will be effective from all hosts. # If No or no (or left empty) then NAT will be effective # only through the interface named in the INTERFACE # column # # LOCAL If Yes or yes, NAT will be effective from the firewall # system # # For additional information, see http://shorewall.net/NAT.htm # ############################################################################### #EXTERNAL INTERFACE INTERNAL ALL LOCAL # INTERFACES #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE