On Thursday 02 January 2003 04:18 pm, Simpson, Doug wrote: > Here is my rc.firewall that I generated using FW Builder. > I want to add these lines - > iptables -t nat -A POSTROUTING -p tcp --dport 110 -o eth0 -s > $INTERNAL_IP -j SNAT --to $external_ip > iptables -t nat -A POSTROUTING -p tcp --dport 23 -o eth0 -s > $INTERNAL_IP -j SNAT --to $EXTERNAL_IP > Where can I put these in the script and do I need to follow the same > pattern as the script? > Thank you > Doug > ############################################## > #!/bin/sh > # > # This is automatically generated file. DO NOT MODIFY ! > # > # Firewall Builder fwb_ipt v1.0.7- > $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > $IPTABLES -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > $IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT Right here would probably make sense. Actually you can put them anywhere, since there are no other POSTROUTING rules in the script. Just DON'T put them inside a loop or a conditional statement. There's no explicit need to follow the pattern in the script, but be aware that if you rebuild the ruleset with fw-builder you will need to manually re-insert these afterwards, AFAIK. j
