What do I need to do?

Thomas E. Dukes edukes at alltel.net
Thu Mar 4 07:07:00 UTC 2004 

> -----Original Message-----
> From: redhat-list-admin at redhat.com 
> [mailto:redhat-list-admin at redhat.com] On Behalf Of Pete Nesbitt
> Sent: Thursday, March 04, 2004 12:52 AM
> To: redhat-list at redhat.com
> Subject: Re: What do I need to do?
> 
> On March 3, 2004 05:51 pm, Thomas E. Dukes wrote:
> > Hello,
> >
> > I'd like to have a local machine behind a firewall to receive www 
> > requests from the outside.  I have a firewall using IP 
> Masqueurading 
> > with port forwarding but that doesn't work.  I keep getting 
> the "visable" machine.
> >
> > Do I need to setup a bridge, proxy server or is there 
> something I need 
> > to do with my local dns, etc.?  I don't really know what this is 
> > called to know where to start.
> >
> > TIA
> 
> 
> Hi Thomas,
> I'm running a similar setup, but the server is in a dmz. All 
> you need for that aspect of the firewall rules is pre and 
> post routes above the main rules, something like:
> 
> #inbound redircts to webserver (all one line) $IPTABLES -A 
> PREROUTING -t nat -p tcp -i $EXT_IF --dport 80 -j DNAT 
> --to-destination $WEB_SERVER_IIP  
> 
> # outbound web server connections are all masquaraded  (all 
> one line) $IPTABLES -A POSTROUTING -t nat -o $EXT_IF -s 
> $WEB_SERVER_IP -j MASQUERADE

Thanks for your help!!

What are the values for $EXT_IF and $WEB_SERVER_IIP?  I am guessing $EXT_IF
is the single external ip address and $WEB_SERVER_IIP is the internal ip
addrerss of the local machine behind the firewall, right?

Wouldn't I need to change the port to something different than 80, such as
8080, so I can get www requests on both the visable and internal machine?
(The internal machine is a XP Pro server.  I want to be able to run ASP
applications that use MS_Access or MSSQL databases.)

 
> (you may not need the outbound)
> 
> That should work if you are running non-routable boxes behind 
> a sind IP address.
> --
> Pete Nesbitt, rhce
> 
> 
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

More information about the redhat-list mailing list