What do I need to do?
Thomas E. Dukes
edukes at alltel.net
Thu Mar 4 07:07:00 UTC 2004
> -----Original Message-----
> From: redhat-list-admin at redhat.com
> [mailto:redhat-list-admin at redhat.com] On Behalf Of Pete Nesbitt
> Sent: Thursday, March 04, 2004 12:52 AM
> To: redhat-list at redhat.com
> Subject: Re: What do I need to do?
>
> On March 3, 2004 05:51 pm, Thomas E. Dukes wrote:
> > Hello,
> >
> > I'd like to have a local machine behind a firewall to receive www
> > requests from the outside. I have a firewall using IP
> Masqueurading
> > with port forwarding but that doesn't work. I keep getting
> the "visable" machine.
> >
> > Do I need to setup a bridge, proxy server or is there
> something I need
> > to do with my local dns, etc.? I don't really know what this is
> > called to know where to start.
> >
> > TIA
>
>
> Hi Thomas,
> I'm running a similar setup, but the server is in a dmz. All
> you need for that aspect of the firewall rules is pre and
> post routes above the main rules, something like:
>
> #inbound redircts to webserver (all one line) $IPTABLES -A
> PREROUTING -t nat -p tcp -i $EXT_IF --dport 80 -j DNAT
> --to-destination $WEB_SERVER_IIP
>
> # outbound web server connections are all masquaraded (all
> one line) $IPTABLES -A POSTROUTING -t nat -o $EXT_IF -s
> $WEB_SERVER_IP -j MASQUERADE
Thanks for your help!!
What are the values for $EXT_IF and $WEB_SERVER_IIP? I am guessing $EXT_IF
is the single external ip address and $WEB_SERVER_IIP is the internal ip
addrerss of the local machine behind the firewall, right?
Wouldn't I need to change the port to something different than 80, such as
8080, so I can get www requests on both the visable and internal machine?
(The internal machine is a XP Pro server. I want to be able to run ASP
applications that use MS_Access or MSSQL databases.)
> (you may not need the outbound)
>
> That should work if you are running non-routable boxes behind
> a sind IP address.
> --
> Pete Nesbitt, rhce
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
More information about the redhat-list
mailing list