local forwarding(?)


 



Hi,

I finally got the bridge working and so far, 
things look ok.  

From the outside, I can go to the website.  That's
no problem.  The problem is for local machines
going to http://www.mydomain.com/, the firewall
doesn't seem to be redirecting it properly.
LAN users have to use http://192.168.11.10/ to
access the website instead of the www.mydomain.com.

I understand that the actual ip address skips
the firewall and goes directly to the machine.
From my boss' point of view (totally ignorant
that 192.168.11.10 = www.mydomain.com), he
doesn't like that.  So I'm hoping that he
can access (locally) www.mydomain.com.

So far my firewall script (the lines pertaining
to the www port) is as follows:

$IPTABLES -t nat -A PREROUTING -p tcp -i eth0 -d x.x.x.x \
      --dport 80 -j DNAT --to 192.168.10.11
$IPTABLES -A FORWARD -p tcp -i eth0 -d 192.168.10.11 \
      --dport 80 -j ACCEPT
$IPTABLES -A FORWARD -p tcp -i eth0 --dport 80 -j DROP

(I'm not entirely sure about that last item.  It looks
strangely invalid...but I could be wrong.  I don't
even think I should have that there.. am I right?)

If all my LAN ips are of the 192.168.10.0 host, 
and the web server is 192.168.10.11, how do I
get the LAN clients to go to www.mydomain.com and
have the firewall redirect the packets to 192.168.10.11?

As you probably can figure out, I'm a little confused. 

Any help appreciated



