Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 3 subscribers
  • Views 896 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Service Groups in DNAT and SNAT

James Bourne
I am not sure if this has been asked before but it would be great if you could use Service Groups in the Pre/Post DNAT/SNAT rule sets.


This thread was automatically locked due to age.
Parents
  • 0
    I'm sure that's initially due to a limitation of IPTABLES itself. You can provide a contiguous range or a single service, however, most service groups comprise of multiple, discontiguous services.

    The Astaro team could do such an implementation, however logic would need to be developed to translate one "rule" into multiple IPTABLES chains. It's already been done for multiple networks or hosts - just needs to be applied to services as well.

    [ 08 February 2002: Message edited by: HTMLSpinnr ]

Reply
  • 0
    I'm sure that's initially due to a limitation of IPTABLES itself. You can provide a contiguous range or a single service, however, most service groups comprise of multiple, discontiguous services.

    The Astaro team could do such an implementation, however logic would need to be developed to translate one "rule" into multiple IPTABLES chains. It's already been done for multiple networks or hosts - just needs to be applied to services as well.

    [ 08 February 2002: Message edited by: HTMLSpinnr ]

Children
No Data
Unfiltered HTML