On March 3, 2004 05:51 pm, Thomas E. Dukes wrote:
> Hello,
>
> I'd like to have a local machine behind a firewall to receive www requests
> from the outside. I have a firewall using IP Masquerading with port
> forwarding but that doesn't work. I keep getting the "visible" machine.
>
> Do I need to set up a bridge, proxy server or is there something I need to
> do with my local dns, etc.? I don't really know what this is called to
> know where to start.
>
> TIA

Hi Thomas,
I'm running a similar setup, but the server is in a dmz. All you need for that aspect of the firewall rules is pre and post routes above the main rules, something like:

# inbound redirects to webserver (all one line)
$IPTABLES -A PREROUTING -t nat -p tcp -i $EXT_IF --dport 80 -j DNAT --to-destination $WEB_SERVER_IP

# outbound web server connections are all masqueraded (all one line)
$IPTABLES -A POSTROUTING -t nat -o $EXT_IF -s $WEB_SERVER_IP -j MASQUERADE

(you may not need the outbound)

That should work if you are running non-routable boxes behind a single IP address.
-- 
Pete Nesbitt, rhce
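An added check, not part of the original reply: it reads `iptables-save` output and reports whether the port-80 DNAT rule exists and whether the FORWARD chain actually lets the redirected packets through, since a dropping FORWARD chain is a common reason a DNAT rule appears to do nothing. The function names, `eth0` and `192.168.1.10` are constructed for illustration, and only plain `--dport 80` rules are recognised.

```shell
#!/bin/sh
# Constructed iptables-save sample (not from the thread).
# $1 = optional extra rule line for the filter table.
sample_ruleset() {
cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10
-A POSTROUTING -s 192.168.1.10/32 -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
$1
COMMIT
EOF
}

# table_rules TABLE: print one table's lines from iptables-save text on stdin.
table_rules() {
  awk -v t="*$1" '$0 == t {on = 1; next} $0 == "COMMIT" {on = 0} on'
}

# check_web_forward WEB_IP: iptables-save text on stdin.
# Returns 0 = forward complete, 1 = no DNAT rule for port 80 to WEB_IP,
#         2 = DNAT present but FORWARD neither defaults to nor rules ACCEPT.
check_web_forward() {
  rules=$(cat)
  ip_re=$(printf '%s' "$1" | sed 's/\./\\./g')   # escape dots for the regex
  printf '%s\n' "$rules" | table_rules nat |
    grep -E -- '^-A PREROUTING .*--dport 80 ' |
    grep -Eq -- "-j DNAT --to-destination ${ip_re}(:80)?\$" || return 1
  filter=$(printf '%s\n' "$rules" | table_rules filter)
  printf '%s\n' "$filter" | grep -q '^:FORWARD ACCEPT' && return 0
  printf '%s\n' "$filter" | grep -E -- "^-A FORWARD .*-d ${ip_re}(/32)? " |
    grep -E -- '--dport 80 ' | grep -q -- '-j ACCEPT$' && return 0
  return 2
}

# Demo on the constructed sample: DNAT is there, FORWARD drops it.
sample_ruleset '' | check_web_forward 192.168.1.10
echo "check_web_forward status without a FORWARD rule: $?"
```

On the firewall itself, run `iptables-save | check_web_forward "$WEB_SERVER_IP"` as root, and confirm that `/proc/sys/net/ipv4/ip_forward` reads 1.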