{"id":4503,"date":"2022-12-20T18:08:50","date_gmt":"2022-12-20T21:08:50","guid":{"rendered":"http:\/\/lode.uno\/linux-man\/index.php\/2022\/12\/20\/shorewallnetmap-man5\/"},"modified":"2022-12-20T18:08:50","modified_gmt":"2022-12-20T21:08:50","slug":"shorewallnetmap-man5","status":"publish","type":"post","link":"https:\/\/lode.uno\/linux-man\/2022\/12\/20\/shorewallnetmap-man5\/","title":{"rendered":"SHOREWALL−NETMAP (man5)"},"content":{"rendered":"

SHOREWALL\u2212NETMAP<\/h1>\n

NAME<\/a>
SYNOPSIS<\/a>
DESCRIPTION<\/a>
FILES<\/a>
SEE ALSO<\/a>
NOTES<\/a> <\/p>\n

\n

NAME <\/a> <\/h2>\n

netmap \u2212 Shorewall NETMAP definition file<\/p>\n

SYNOPSIS <\/a> <\/h2>\n\n\n
<\/td>\n\n

\/etc\/shorewall[6]\/netmap<\/b><\/p>\n<\/td>\n

 <\/td>\n<\/tr>\n<\/table>\n

DESCRIPTION <\/a> <\/h2>\n

This file is used to map addresses in one network to corresponding addresses in a second network.<\/p>\n

Warning<\/big><\/b>
To use this file, your kernel and iptables must have NETMAP support included.<\/p>\n

The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in the alternate specification syntax).<\/p>\n

TYPE<\/b> \u2212 {DNAT<\/b>|SNAT}<\/b><\/p>\n

If DNAT, traffic entering INTERFACE and addressed to NET1 has its destination address rewritten to the corresponding address in NET2.<\/p>\n

If SNAT, traffic leaving INTERFACE with a source address in NET1 has it’s source address rewritten to the corresponding address in NET2.<\/p>\n

NET1<\/b> \u2212 network\u2212address<\/i><\/p>\n

Network in CIDR format (e.g., 192.168.1.0\/24). Beginning with Shorewall 4.4.24, exclusion<\/font><\/b> [1]<\/font><\/small> is supported.<\/font><\/p>\n

INTERFACE<\/b> \u2212 interface<\/i><\/font><\/p>\n

The name of a network interface. The interface must be defined in<\/font> shorewall\u2212interfaces<\/font><\/b> [2]<\/font><\/small> (5). Shorewall allows loose matches to wildcard entries in<\/font> shorewall\u2212interfaces<\/font><\/b> [2]<\/font><\/small> (5). For example, ppp0 in this file will match a<\/font> shorewall\u2212interfaces<\/font><\/b> [2]<\/font><\/small> (8) entry that defines ppp+.<\/font><\/p>\n

NET2<\/b> \u2212 network\u2212address<\/i><\/font><\/p>\n

Network in CIDR format<\/font><\/p>\n

NET3 (Optional)<\/b> \u2212 network\u2212address<\/i><\/font><\/p>\n

Added in Shorewall 4.4.11. If specified, qualifies INTERFACE. It specifies a SOURCE network for DNAT rules and a DESTINATION network for SNAT rules.<\/font><\/p>\n

PROTO<\/b> \u2212 protocol\u2212number\u2212or\u2212name<\/i><\/font><\/p>\n

Optional \u2212\u2212 added in Shorewall 4.4.23.2. Only packets specifying this protocol will have their IP header modified.<\/font><\/p>\n

DPORT<\/b> \u2212 port\u2212number\u2212or\u2212name\u2212list<\/i><\/font><\/p>\n

Optional \u2212 added in Shorewall 4.4.23.2. Destination Ports. A comma\u2212separated list of Port names (from services(5)), port number<\/i>s or port range<\/i>s; if the protocol is icmp<\/b>, this column is interpreted as the destination icmp\u2212type(s). ICMP types may be specified as a numeric type, a numeric type and code separated by a slash (e.g., 3\/4), or a typename. See<\/font> https:\/\/shorewall.org\/configuration_file_basics.htm#ICMP<\/font><\/b> [3]<\/font><\/small> .<\/font><\/p>\n

If the protocol is ipp2p<\/b>, this column is interpreted as an ipp2p option without the leading “\u2212\u2212” (example bit<\/b> for bit\u2212torrent). If no PORT is given, ipp2p<\/b> is assumed.<\/font><\/p>\n

An entry in this field requires that the PROTO column specify icmp (1), tcp (6), udp (17), sctp (132) or udplite (136). Use ‘\u2212’ if any of the following field is supplied.<\/font><\/p>\n

This column was formerly labelled DEST PORT(S).<\/font><\/p>\n

SPORT<\/b> \u2212 port\u2212number\u2212or\u2212name\u2212list<\/i><\/font><\/p>\n

Optional \u2212\u2212 added in Shorewall 4.4.23.2. Source port(s). If omitted, any source port is acceptable. Specified as a comma\u2212separated list of port names, port numbers or port ranges.<\/font><\/p>\n

An entry in this field requires that the PROTO column specify tcp (6), udp (17), sctp (132) or udplite (136). Use ‘\u2212’ if any of the following fields is supplied.<\/font><\/p>\n

This column was formerly labelled SOURCE PORT(S).<\/font><\/p>\n

FILES <\/a> <\/h2>\n

\/etc\/shorewall\/netmap<\/font><\/p>\n

\/etc\/shorewall6\/netmap<\/font><\/p>\n

SEE ALSO <\/a> <\/h2>\n

https:\/\/shorewall.org\/netmap.html<\/font><\/b> [4]<\/font><\/small><\/p>\n

https:\/\/shorewall.org\/configuration_file_basics.htm#Pairs<\/font><\/b> [5]<\/font><\/small><\/p>\n

shorewall(8)<\/font><\/p>\n

NOTES <\/a> <\/h2>\n\n\n
<\/td>\n\n

1.<\/font><\/p>\n<\/td>\n

<\/td>\n\n

exclusion<\/font><\/p>\n<\/td>\n

 <\/td>\n<\/tr>\n<\/table>\n

https:\/\/shorewall.org\/manpages\/shorewall-exclusion.html<\/font><\/p>\n\n\n
<\/td>\n\n

2.<\/font><\/p>\n<\/td>\n

<\/td>\n\n

shorewall-interfaces<\/font><\/p>\n<\/td>\n

 <\/td>\n<\/tr>\n<\/table>\n

https:\/\/shorewall.org\/manpages\/shorewall-interfaces.html<\/font><\/p>\n\n\n
<\/td>\n\n

3.<\/font><\/p>\n<\/td>\n

<\/td>\n\n

https:\/\/shorewall.org\/configuration_file_basics.htm#ICMP<\/font><\/p>\n<\/td>\n<\/tr>\n<\/table>\n

https:\/\/shorewall.org\/configuration_file_basics.htm#ICMP<\/font><\/p>\n\n\n
<\/td>\n\n

4.<\/font><\/p>\n<\/td>\n

<\/td>\n\n

https:\/\/shorewall.org\/netmap.html<\/font><\/p>\n<\/td>\n

 <\/td>\n<\/tr>\n<\/table>\n

https:\/\/shorewall.org\/netmap.html<\/font><\/p>\n\n\n
<\/td>\n\n

5.<\/font><\/p>\n<\/td>\n

<\/td>\n\n

https:\/\/shorewall.org\/configuration_file_basics.htm#Pairs<\/font><\/p>\n<\/td>\n<\/tr>\n<\/table>\n

https:\/\/shorewall.org\/configuration_file_basics.htm#Pairs<\/font><\/p>\n

\n","protected":false},"excerpt":{"rendered":"

netmap \u2212 Shorewall NETMAP definition file <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[959],"tags":[961,1291,1471],"class_list":["post-4503","post","type-post","status-publish","format-standard","hentry","category-5-formatos-de-ficheros","tag-961","tag-man5","tag-shorewall-netmap"],"gutentor_comment":0,"_links":{"self":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/4503","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/comments?post=4503"}],"version-history":[{"count":0,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/posts\/4503\/revisions"}],"wp:attachment":[{"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/media?parent=4503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/categories?post=4503"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lode.uno\/linux-man\/wp-json\/wp\/v2\/tags?post=4503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}