Perfect! That’s brilliant – works like a charm.
I did notice a little problem though. I’m guessing that sticking stuff in the ‘startup’ ‘NAT/Virtual Server’ Script means that it only runs at ZeroShell start up?
Certainly, when I first stuck these lines in, nothing worked. I then restarted the box, and presto – it worked. Then I added two more rules, and adjusted the old ones. The new rules seemed to apply right away, but the old rules were also still working. They didn’t stop working until I restarted.
Do you think you could clarify if you need to restart for the scripts to work?
If so, this is going to be a bit of a problem: if I add a new service / web server, I’m going to have to restart the firewall, effectively disconnecting all the servers until the firewall comes up again.
There is a ‘test’ button and I’m assuming this is just validating syntax?
One firewall I have worked on (from a company called Ingate) had a nifty little feature whereby you could ‘apply’ a new/changed firewall rule, but not save it. So this was basically a sort of ‘test mode’. If you didn’t hit the ‘OK I want to save this’ within 30 seconds, whatever you did would undo itself. A nice feature if you lock yourself out by mistake!?
Anyway. I’m really pleased that ZS can NAT off multiple WAN IPs, I’m just wondering if there is a way to apply changes to this without restarting the box each time.