Invalid httpd logs with port forwarding

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

Simply put, is there a way to do port forwarding without having the
source address modified?

Here is the problem: I'm using the following rules to forward port 80
trafic to a HTTP server behind a firewall:

iptables -t nat -A PREROUTING -p tcp --dport 80 -d 66.45.170.200 -j DNAT
--to-destination 192.168.1.200:80
iptables -A FORWARD -p tcp --dport 80 -d 192.168.1.200 -m state --state
NEW,ESTABLISHED,RELATED -j ACCEPT

The port forwarding works just fine, but all log entries on the HTTP
server show the same source address, which is the local address of the
firewall (192.168.1.4). I'd like the logs to show the real IP address of
the client from which the connection originates.

Any help, pointer or suggestion would be appreciated.

Thanks!

                        -Dominic
-- 
Dominic Duval		
SOLIDD Technologies, www.dd.qc.ca
Cell: 514-581-7975, ICQ: 4251006, MSN: dduval2@xxxxxxxxxxx




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux