On Mon, Oct 20, 2003 at 08:29:41AM -0500, lrnobs wrote: > > > >Just so I get it right, I assume since there is only one nic declared in > >the ruleset that the Dlink is providing NAT for the LAN? > > Jack, > > I think the answer is yes. The configuration is dsl to dlink router, dlink > router to hub. Internal pcs have 192.168.0.X addresses. Once things are > prepared the dlink router will allow public port 80 to route to internal > port 8080 and will point to a specific internal pc, which has one network > board and a 192.168.0.X address. Larry - Try doing "hairpin NAT" on your iptables box. Add the following rule after your port 80 rule (placement not critical but nice to keep the webserver stuff together): $IPTABLES -t nat -A POSTROUTING -p tcp --dport 80 -s 192.168.0.0/24 \ -j MASQUERADE (Remember that the \ is a line continuation marker so if you can put the rule all on one line then just delete the \). What this rule translates to in english is: "change the IP header source of all packets coming from the LAN and bound for port 80 to that of the external IP." IOW, your apache httpd.conf will react to the packet as if it came from outside the firewall even though it didn't and should answer it accordingly. -- Jack Bowling mailto: jbinpg@xxxxxxx -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
