SHOREWALL-NETMAP(5) | Configuration Files | SHOREWALL-NETMAP(5) |
NAME¶
netmap - Shorewall NETMAP definition fileSYNOPSIS¶
/etc/shorewall[6]/netmap
DESCRIPTION¶
This file is used to map addresses in one network to corresponding addresses in a second network.Warning
To use this file, your kernel and iptables must have NETMAP support included.
The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in the alternate specification syntax).
TYPE - {DNAT|SNAT}
If SNAT, traffic leaving INTERFACE with a source address in NET1 has it's source address rewritten to the corresponding address in NET2.
NET1 - network-address
INTERFACE - interface
NET2 - network-address
NET3 (Optional) - network-address
PROTO - protocol-number-or-name
DPORT - port-number-or-name-list
If the protocol is ipp2p, this column is interpreted as an ipp2p option without the leading "--" (example bit for bit-torrent). If no PORT is given, ipp2p is assumed.
An entry in this field requires that the PROTO column specify icmp (1), tcp (6), udp (17), sctp (132) or udplite (136). Use '-' if any of the following field is supplied.
This column was formerly labelled DEST PORT(S).
SPORT - port-number-or-name-list
An entry in this field requires that the PROTO column specify tcp (6), udp (17), sctp (132) or udplite (136). Use '-' if any of the following fields is supplied.
This column was formerly labelled SOURCE PORT(S).
FILES¶
/etc/shorewall/netmap/etc/shorewall6/netmap
SEE ALSO¶
http://www.shorewall.net/netmap.html[4]http://www.shorewall.net/configuration_file_basics.htm#Pairs[5]
NOTES¶
- 1.
- exclusion
- 2.
- shorewall-interfaces
02/11/2019 | Configuration Files |