FW: [LARTC] DNAT issues

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks very much. I never thought of that :)

However the idea comes from a tutorial listed at ww.netfilter.org.
There, the author explains the same issue and gives a solution...
But that solution is not working for me.

I have posted that part of the tutorial here:
http://www.concorde.utcluj.ro/iptables2.pdf
since netfilter.org is down.

The section explaining my issue is located on the second page - the left
column.

Take a look there if you have time, and maybe some of u will understand
better than me :)

The problem with the routing still remains unsolved for me :( 

-----Original Message-----
From: lartc-admin@xxxxxxxxxxxxxxx [mailto:lartc-admin@xxxxxxxxxxxxxxx]
On Behalf Of Ethy H. Brito
Sent: Thursday, August 21, 2003 9:22 PM
To: lartc@xxxxxxxxxxxxxxx
Subject: Re: [LARTC] DNAT issues

On Thu, 21 Aug 2003, Vlad Mihai wrote:

> Now, the web browser on 192.168.0.121 will see packets coming from
> 192.168.0.2, and it will assume
> they are bogus packets, and will ignore them... SO, NO CONNECTION...
>
> Remember 192.168.0.121 asked for packets from 194.105.29.2 and not
from
> 192.168.0.2!!!
>
> What can I do to allow my LAN clients to access the web server through
> the router?
> Please write me a line of code :) I am new to "iptables" :(

This is a DNS problem. It is a commom mistake to admit that the internal
network is part of the internet. IT IS NOT.
This may be easly solved creating "zones" at you DNS server.
Your web server must be identified as part of your internal net. If it
is
not identified like this you will have to make lots of malabarithm to
overcome this.
Consult DNS server man pages to configure it. This is not the only
solution
but the simplest one for sure.

Regards

Ethy H. Brito         /"\
InterNexo Ltda.       \ /  CAMPANHA DA FITA ASCII - CONTRA MAIL HTML
+55 (12) 3941-6860     X   ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL
S.J.Campos - Brasil   / \

_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/




[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux