Re: port translation

On Sun, 11/01/2004 at 11:21, Romain Moyne wrote:
> I have an HTTP server (debian 3.0) behind a router (debian 3.0). I have a
> problem when I want to log the visitor's IP of my website with PHP or
> Perl or any language. I always get the IP of my router! Somebody told
> me that I must do port translation but I have searched and I haven't
> found anything.
> Can you help me ?
> This is the rules of my router :
> iptables -t nat -A PREROUTING -d MyIP -p tcp --dport 80 -j DNAT 
> --to-destination 192.168.0.3:80

You have a problem here. This single rule does not prevent your
webserver from seeing client IP as source, as you only modify
destination IP.

You may have a SNAT rule in the POSTROUTING chain that is not restrictive
enough and also SNATs incoming traffic to your router's IP when it should
not.

-- 
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread! 
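
Added example, not part of the original message: a shell check for the situation the reply describes, a POSTROUTING SNAT/MASQUERADE rule broad enough to also rewrite forwarded inbound traffic so the web server logs the router's IP. The ruleset, the interface names (eth0 as Internet side, eth1 as LAN side) and the addresses are constructed assumptions, and the match is a review heuristic, not a full rule evaluator.

```shell
#!/bin/sh
# Constructed sample of `iptables-save -t nat` output (not from the thread).
# Assumptions: eth0 = Internet side, eth1 = LAN side, 203.0.113.10 = public IP.
sample_ruleset() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 203.0.113.10/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.3:80
-A POSTROUTING -j MASQUERADE
-A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -o eth1 -j SNAT --to-source 192.168.0.1
COMMIT
EOF
}

# Print POSTROUTING source-NAT rules that are limited neither to the WAN
# egress interface nor to the LAN source network. Such rules can also match
# DNATed traffic heading to the internal server and hide the client address.
# usage: audit_snat WAN_IF LAN_CIDR < iptables-save-output
audit_snat() {
    awk -v wan="$1" -v lan="$2" '
        $1 == "-A" && $2 == "POSTROUTING" {
            nat = 0; scoped = 0
            for (i = 3; i <= NF; i++) {
                # source NAT targets only
                if ($i == "-j" && ($(i+1) == "SNAT" || $(i+1) == "MASQUERADE")) nat = 1
                # non-negated match on the WAN egress interface
                if ($i == "-o" && $(i+1) == wan && $(i-1) != "!") scoped = 1
                # non-negated match on the LAN source network
                if ($i == "-s" && $(i+1) == lan && $(i-1) != "!") scoped = 1
            }
            if (nat && !scoped) print
        }'
}

# Run against the constructed sample; on a live router, pipe
# `iptables-save -t nat` into audit_snat instead.
sample_ruleset | audit_snat eth0 192.168.0.0/24
```

Of the three POSTROUTING rules in the sample, only the one matching both `-s 192.168.0.0/24` and `-o eth0` is left unflagged; the unrestricted MASQUERADE and the SNAT on the LAN-side interface are printed for review.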


