change from eth0 ---- router interface , to ppp0 --- ethernet modem interface

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I finally changed device to connect to internet on my gateway linux box
, from a netgear router to an ethernet modem device.
Offcourse occourred some changes in my iptables script , what before was
192.168.0.2 ip for eth0 and 192.168.0.1 for my front router now has a
eth0 with no ip and a ethernet router with my dynamic isp ip i grab with
this script :

> EXTIF=ppp0
> EXTIP="`ifconfig $EXTIF | grep inet | cut -d : -f 2 | cut -d \  -f 1`"

- -------
behind my gateway linuxbox (Debian etch) i have two more servers a mail
server and a web ftp server .Mail is working great with this iptables:
> ARGO="`ifconfig ppp0 | grep inet | cut -d : -f 2 | cut -d \  -f 1`"
> $IPT -t nat -A PREROUTING -p tcp -i $IF0 -d $ARGO --dport 25 -j DNAT --to $MAIL:25
> $IPT -A FORWARD -i $IF0 -o $IF1 -p tcp --dport 25 -d $MAIL -j ACCEPT


I have problems with http e https where i'm using this code:
> IF0=ppp0
> IF1=eth1
> $IPT -t nat -A PREROUTING -p tcp -i $IF0 -d $ARGO --dport 80 -j DNAT --to $WWW:80
> $IPT -t nat -A PREROUTING -p tcp -i $IF0 -d $ARGO --dport 443 -j DNAT --to $WWW:443
> $IPT -A FORWARD -i $IF0 -o $IF1 -p tcp --dport 80 -d $WWW -j ACCEPT
> $IPT -A FORWARD -i $IF0 -o $IF1 -p tcp --dport 443 -d $WWW -j ACCEPT

I'm using apache2 with mod_rewrite rewriting connecions from port 80 to 443.
What's wrong with my configuration ? I will try to remove that -d $ARGO
like this:
>$IPT -t nat -A PREROUTING -p tcp -i $IF0 --dport 80 -j DNAT --to $WWW:80
>$IPT -t nat -A PREROUTING -p tcp -i $IF0 --dport 443 -j DNAT --to $WWW:443
And invite you to give it a try http://www.gabrix.ath.cx let's see how
it goes.
Thanks for the attenction !
gabriele



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGwhFnaSnKyogvewwRAhpMAKCsepaqX5XZZpuY7/Zg+cmNwNdtcACfSAyC
vLmZeFzdXaXnqio8fXXTouo=
=UdWg
-----END PGP SIGNATURE-----
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux