SV: SV: Port forwarding
Andre Speelmans
andre at as.no-ip.com
Mon Jan 24 14:33:57 UTC 2005
Jari.Marikainen at vlt.se wrote:
> Hi, I agree on your resoning below. I also ran into another problem.
> Will your earlier suggestion work with SSL? This could look somewhat
> suspicious from the client side I imagine.
I hop I'm not talking nonsense, I have not followed this thread and just
react on this post.
AFAIK the SSL-certificate is not bound to an IP-address, so this should
not give you any problem.
> Your suggestion was:
> iptables -t nat -A PREROUTING -p tcp --dport 80 -d 195.198.111.x \
> -j DNAT --to-destination 65.114.4.69
> iptables -t nat -A POSTROUTING -p tcp --dport 80 -d 65.114.4.69 \
> -j SNAT --to-source <your external IP address on this machine>
This last one should read:
iptables -t nat -A POSTROUTING -p tcp --sport 80 -s 65.114.4.69 \
-j SNAT --to-source <your external IP address on this machine>
The switch should be for source, not destination. And of course 80
should be changed to 443 (the port that is used by HTTPS).
--
Regards,
André
More information about the fedora-list
mailing list