On Thu, Jan 21, 2016 at 04:25:12PM +0800, Marguerite Su wrote:
Hi, Marcus
On Tue, Jan 19, 2016 at 2:48 AM, Marcus Meissner <meissner@suse.de> wrote:
sudo /sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE sudo /sbin/iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
and then you an enable the service with FW_CONFIGURATIONS_EXT="ocserv"
j The masquerading ... is this really intended this way as I pretty much doubt that that everyone has this kind of network layout.
FW_ROUTE="yes" FW_MASQUERADE="yes"
will masquerade the internal network zone towards the external network zone.
Is there any place I can write FW_ROUTE/FW_MASQUERADE?
I would like to let user just:
- install ocserv and start the systemd service
- the firewall is all configured
AND:
sudo /sbin/iptables -A FORWARD -s 192.168.1.0/24 -j ACCEPT
how to convert this rule?
Where is this 192.168.1.0/24 network supposed to be? The machines local network? (FW_MASQUERADE="yes" would basically masquerade the internal network to the outside.) But I think this does not make sense at all for a package installation, sorry. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org