Shorewall – Redirect Outgoing Traffic to Internal Server

This is mainly a note for my own reference…

We have a DNAT setup with a couple of dev servers behind it. These dev servers are accessible via an external IP (eg/ 130.1.1.5) and internally at 10.0.0.x. Not knowing how the *$%# to redirect outgoing traffic for our external IPs to our inernal servers we have had to setup internal DNS for the dev servers so that hitting dev.example.com would go to the 10. internal IP, rather than the external IP. Finally, after spending some time and searching was able to come across a wonderful page at http://www.shorewall.net/FAQ.htm. Not sure why I wouldn’t have checked the FAQ sooner. Look at FAQ 2 on that page for more information. Even though it says it is a dirty hack, for our purposes it is exactly what is needed! I don’t think I could be happier. Or feel stupider for not checking the FAQ sooner. Actually, I think I checked it last year when we first started using Shorewall and it just went over my head.