[Firewall] Next problem

Eli Wapniarski eli at orbsky.homelinux.org
Fri Oct 5 18:27:42 CEST 2012


On Friday 05 October 2012 11:06:04 Lonnie Abelbeck wrote:
> On Oct 5, 2012, at 9:59 AM, Eli Wapniarski wrote:
> > On Friday 05 October 2012 09:34:32 Lonnie Abelbeck wrote:
> >> Eli,
> >> 
> >> If you want to forward UDP 9987 to your internal host 192.168.0.11 using
> >> the same port, you *only* need: --
> >> NAT_FORWARD_UDP="9987>192.168.0.11"
> >> --
> >> Note the matching double-quotes, shell script style.
> >> 
> >> By also having OPEN_UDP="9987" you are tying to do two different things
> >> with the same packet.
> >> 
> >> So, remove OPEN_UDP="9987" and make sure you have matching double-quotes.
> > 
> > Thanks Lonnie
> > 
> > That did the trick. Does this apply to everythig I forwared or just to
> > udp?
> > 
> > Eli
> 
> Yes, everything.  Either you NAT forward the packet (NAT_FORWARD_) to
> internal hosts or allow the packet (OPEN_) to your local computer running
> Arno's firewall, not both.
> 

I will try to configure my firewall as per your suggestion Lonnie. However, I 
gotta ask a dumb question then. How come, when I have the open_tcp configured 
and nat_forward_tcp configured with the same ports everything seems to work 
OK?

Eli

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the Firewall mailing list