[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: What do I need to do?



On March 3, 2004 05:51 pm, Thomas E. Dukes wrote:
> Hello,
>
> I'd like to have a local machine behind a firewall to receive www requests
> from the outside.  I have a firewall using IP Masqueurading with port
> forwarding but that doesn't work.  I keep getting the "visable" machine.
>
> Do I need to setup a bridge, proxy server or is there something I need to
> do with my local dns, etc.?  I don't really know what this is called to
> know where to start.
>
> TIA


Hi Thomas,
I'm running a similar setup, but the server is in a dmz. All you need for that 
aspect of the firewall rules is pre and post routes above the main rules, 
something like:

#inbound redircts to webserver (all one line)
$IPTABLES -A PREROUTING -t nat -p tcp -i $EXT_IF --dport 80 -j DNAT  
--to-destination $WEB_SERVER_IIP  

# outbound web server connections are all masquaraded  (all one line)
$IPTABLES -A POSTROUTING -t nat -o $EXT_IF -s $WEB_SERVER_IP -j MASQUERADE

(you may not need the outbound)

That should work if you are running non-routable boxes behind a sind IP 
address.
-- 
Pete Nesbitt, rhce




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]