В Вск, 17/05/2009 в 14:54 -0700, Aaron Clausen пишет: > On Fri, May 8, 2009 at 08:57, Michele Petrazzo - Unipex > <michele.petrazzo@xxxxxxxxx> wrote: > > Aaron Clausen wrote: > >> > >> With the 3Com router, I can, from another internal computer, > >> access that server via the external interface (ie, by going > >> http://publicaddress). When I throw in my Linux router, it does not > >> do that, and user's have to use the internal IP or host name to access > >> the device. > >> > > > > What rules have you wrote? > > an > > iptables -t nat -A PREROUTING -s local_addrs/mask -d ip_addrs \ > > -p tcp --dport http -j DNAT --to-destionation internal_web > > and the respective > > iptables -t nat -A POSTROUTING -d internal_web -p tcp --dport http -j SNAT > > --to-source gw_ip > > > > must to the trick. > > > > So the request stay inside the lan and there is no "loops" > > How do write this if the WAN IP is supplied via DHCP? -j MASQUERADE -- Покотиленко Костик <casper@xxxxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html