Good afternoon,

I'm trying to redirect connections to an external address back to an internal address, like this:

A = Any internal machine (192.168.X.X)
B = Internal Server (192.168.X.4)
C = Firewall Internal Address (192.168.X.1)
D = Firewall External Address (10.X.X.1)
E = Router Internal Address (10.X.X.10)
F = Router Internet Address (YYY.YY.Y.YY)

    A =================> |     |
                         |     |
                         | C D | ----------------------------------- | E F |
    B <================= |     |
                         |     |

I want, when machines A ask for port 80 in F, the firewall (iptables) C/D to redirect it back to B (access must not be done using a proxy).

Here's what I've tried:

    -A PREROUTING -s 192.168.X.X -d YYY.YY.Y.YY -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.X.4

Checked TCPDump, and here's what I've got:

    IP 192.168.X.X.1365 > 192.168.X.4.80
    IP 10.X.X.1.4972 > 192.168.X.4.80
    IP 192.168.X.4.80 > 10.X.X.1.4972

Apparently it did work. But once my web server answers, the answer is not sent back to the machines in my internal network.

Can anyone shed some light on it?

Thank you

Henrique