[Firewall] Next problem

Lonnie Abelbeck lists at lonnie.abelbeck.com
Fri Oct 5 18:06:04 CEST 2012


On Oct 5, 2012, at 9:59 AM, Eli Wapniarski wrote:

> On Friday 05 October 2012 09:34:32 Lonnie Abelbeck wrote:
>> Eli,
>> 
>> If you want to forward UDP 9987 to your internal host 192.168.0.11 using the
>> same port, you *only* need: --
>> NAT_FORWARD_UDP="9987>192.168.0.11"
>> --
>> Note the matching double-quotes, shell script style.
>> 
>> By also having OPEN_UDP="9987" you are tying to do two different things with
>> the same packet.
>> 
>> So, remove OPEN_UDP="9987" and make sure you have matching double-quotes.
>> 
> 
> Thanks Lonnie
> 
> That did the trick. Does this apply to everythig I forwared or just to udp?
> 
> Eli

Yes, everything.  Either you NAT forward the packet (NAT_FORWARD_) to internal hosts or allow the packet (OPEN_) to your local computer running Arno's firewall, not both.

Lonnie




More information about the Firewall mailing list