Re: http access - fixing DNAT port forwarding access from internal networks.


 



you need an SNAT rule in there too.

iptables -t nat -A POSTROUTING -p tcp --dport $PORT -s $INTNETWORK/$SUBNET -d $INTIPSERVER -j SNAT --to-source $INTIPFIREWALL

eg.
iptables -t nat -A POSTROUTING -p tcp --dport 80 -s 192.168.0.0/24 -d 192.168.0.1 -j SNAT --to-source 192.168.0.254
(assuming .254 is your firewall and .1 is your webserver)



skydive wrote:


hi all

i have been experiencing a problem since i'm trying to
access my web server from my lan through my internet ip.

i have no problems doing DNAT, from those who access my
web page from the outside:

iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.0.1:80

this is solving the problem

let's say my web page has the following address
www.example.org, and that it is hosted  [like it is ;)) ]
in one machine on my lan with the following IP:

192.168.0.1

when i write www.example.org on my web browser, it just
hits eth1 on my gateway/firewall and gets stuck there.
maybe i'm missing something on my prerouting rules, or
maybe my small brain just can't reach it :)

the way i see it, when i put www.example.org on my web
browser, i send a request to my gateway, and it was
supposed to take it back to my lan, where the site is
hosted.

not working though...

can somebody please help with these missing rules?! or
is it just something else i'm missing?

thanks to those who took the time to read all this
garbage and i'm grateful even if you are not able to
help whatever your reason is ;)))

skydive!






-- Damien Mason SuSE Systems Specialist

http://www.suse.net.au./
damien@xxxxxxxxxxx

SuSE Linux Asia-Pacific Pty Ltd
Ph: +61 (2) 943 943 94
Fax:+61 (2) 9437 38 39
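
The packet flow behind the SNAT advice above, as an added example that is not part of the original thread: a small Python model of the address rewriting, showing why the reply never reaches the browser's connection without SNAT. The public IP 203.0.113.10 and the client 192.168.0.50 are constructed values; the model assumes the DNAT rule also matches traffic arriving from the LAN (the quoted rule with -i eth0 only matches packets arriving on eth0).

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src dst dport")

# LAN addresses follow the thread; the other two are constructed for illustration.
PUBLIC_IP = "203.0.113.10"      # hypothetical internet IP of the firewall
SERVER = "192.168.0.1"          # web server on the LAN
FIREWALL_LAN = "192.168.0.254"  # firewall's LAN-side address
CLIENT = "192.168.0.50"         # hypothetical LAN client


def firewall_forward(pkt, snat):
    """Apply DNAT (PREROUTING), then optionally SNAT (POSTROUTING)."""
    if pkt.dst == PUBLIC_IP and pkt.dport == 80:
        pkt = pkt._replace(dst=SERVER)        # -j DNAT --to 192.168.0.1:80
    if snat and pkt.dst == SERVER and pkt.dport == 80:
        pkt = pkt._replace(src=FIREWALL_LAN)  # -j SNAT --to-source 192.168.0.254
    return pkt


def reply_seen_by_client(snat):
    """Return the source address of the reply as it arrives at the client."""
    request = Packet(CLIENT, PUBLIC_IP, 80)
    at_server = firewall_forward(request, snat)
    # The server answers to whatever source address it saw on the request.
    reply_src, reply_dst = at_server.dst, at_server.src
    if reply_dst == FIREWALL_LAN:
        # Reply goes back through the firewall, where connection tracking
        # reverses both translations before delivery to the client.
        reply_src, reply_dst = request.dst, request.src
    # Otherwise reply_dst is the client on the server's own subnet, so the
    # reply is delivered directly and the firewall never sees it.
    return reply_src


def connection_works(snat):
    """A TCP client only accepts replies from the address it connected to."""
    return reply_seen_by_client(snat) == PUBLIC_IP


if __name__ == "__main__":
    for snat in (False, True):
        print(f"SNAT={snat}: reply from {reply_seen_by_client(snat)}, "
              f"works={connection_works(snat)}")
```
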




