From: "Steven Levine" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTPS id 5662662 for ecs-isp@2rosenthals.com; Wed, 23 Nov 2022 12:18:40 -0500 Received: from secmgr-va.2rosenthals.com ([50.73.8.217]:57805 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oxtOI-0008GK-3B for ecs-isp@2rosenthals.com; Wed, 23 Nov 2022 12:18:31 -0500 Received: from mta-201b.earthlink-vadesecure.net ([51.81.229.181]:60245 helo=mta-201a.earthlink-vadesecure.net) by mail2.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.95) (envelope-from ) id 1oxtOE-00014H-1z for ecs-isp@2rosenthals.com; Wed, 23 Nov 2022 12:18:26 -0500 DKIM-Signature: v=1; a=rsa-sha256; bh=ERD10ZAoSON/tNm0ygmVS4p0LEwRuwXIIwfbTc QG+mk=; c=relaxed/relaxed; d=earthlink.net; h=from:reply-to:subject: date:to:cc:resent-date:resent-from:resent-to:resent-cc:in-reply-to: references:list-id:list-help:list-unsubscribe:list-subscribe:list-post: list-owner:list-archive; q=dns/txt; s=dk12062016; t=1669223905; x=1669828705; b=mPb8xNkCeA7rHQ6/3J6hBr4pjsAn/XajR7G8u2dSRSFqdObojWCP7r+ OhtiUZ2Sksrz4ftA5tEBSCwLOBpSeVffhwvqaAhQ63nuM4AFxPMUNb83YQouwDAKfcGPTBQ 45/hn1np9kEAC7GkYf/6nLEqeR//YDE5zTgLz7vVdYrF5NTNJYWgPi2bQARR2GjMDLarhZH 1JZlhR7gQNvETEpLttkzkBtrjdEn9s0wVvFgeOozFsLXebAHqbZqoELOvonKuZ2bNiBgoPH 27lMcfXmJNc5GXCzUaDEKMUUZB2MQUM4+hlpX1oChewLnRyvdI0XsqggZzQGugiyflEC3CD dWg== Received: from slamain ([108.193.252.8]) by smtp.earthlink-vadesecure.net ESMTP vsel2nmtao01p with ngmta id 399ba6b0-172a464c4e564425; Wed, 23 Nov 2022 17:18:25 +0000 Message-ID: <637e4c96.12.mr2ice.fgrirsq@earthlink.net> Date: Wed, 23 Nov 2022 08:38:46 -0800 To: "eCS ISP Mailing List" In-Reply-To: Subject: Re: [eCS-ISP] help about an Injoy FW rule X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v3.00.11.24/60 In , on 11/23/22 at 01:23 PM, "Massimo S." said: Hi Massimo, >i should add a 2nd (public/static) IP to a portmap rule, OK, so what's not working with your new rule? >i've read the firestart PDF, but i don't find any hint about this >situation. As you should know by now, the ijfw docs are light on tutorial content. For this, you need to search the .cnf files. If something does not work, you need to ask questions here and if that fails open an issue at bitwise works. >myportmap_in > Destination-Port = "53000", > Source = "5.6.7.8", > Destination = "My_IP", > Rule-Action = Portmap, > Mapping-Dest-IP = "192.168.1.3", > Mapping-Dest-Port = 1234 I've never needed to use portmapping here, but this looks OK for the inbound side. Based on my reading of the .cnf files, you may need a corresponding outbound mapping. The most recent distros include portmap examples in: firerule.cnf ip_redir.cnf portmap.cnf Older distros appear to omit the last two. Steven -- ---------------------------------------------------------------------- "Steven Levine" Warp/DIY/BlueLion etc. www.scoug.com www.arcanoae.com www.warpcave.com ----------------------------------------------------------------------