> -----Original Message----- > From: redhat-list-admin@xxxxxxxxxx > [mailto:redhat-list-admin@xxxxxxxxxx] On Behalf Of Pete Nesbitt > Sent: Thursday, March 04, 2004 12:52 AM > To: redhat-list@xxxxxxxxxx > Subject: Re: What do I need to do? > > On March 3, 2004 05:51 pm, Thomas E. Dukes wrote: > > Hello, > > > > I'd like to have a local machine behind a firewall to receive www > > requests from the outside. I have a firewall using IP > Masqueurading > > with port forwarding but that doesn't work. I keep getting > the "visable" machine. > > > > Do I need to setup a bridge, proxy server or is there > something I need > > to do with my local dns, etc.? I don't really know what this is > > called to know where to start. > > > > TIA > > > Hi Thomas, > I'm running a similar setup, but the server is in a dmz. All > you need for that aspect of the firewall rules is pre and > post routes above the main rules, something like: > > #inbound redircts to webserver (all one line) $IPTABLES -A > PREROUTING -t nat -p tcp -i $EXT_IF --dport 80 -j DNAT > --to-destination $WEB_SERVER_IIP > > # outbound web server connections are all masquaraded (all > one line) $IPTABLES -A POSTROUTING -t nat -o $EXT_IF -s > $WEB_SERVER_IP -j MASQUERADE Thanks for your help!! What are the values for $EXT_IF and $WEB_SERVER_IIP? I am guessing $EXT_IF is the single external ip address and $WEB_SERVER_IIP is the internal ip addrerss of the local machine behind the firewall, right? Wouldn't I need to change the port to something different than 80, such as 8080, so I can get www requests on both the visable and internal machine? (The internal machine is a XP Pro server. I want to be able to run ASP applications that use MS_Access or MSSQL databases.) > (you may not need the outbound) > > That should work if you are running non-routable boxes behind > a sind IP address. > -- > Pete Nesbitt, rhce > > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
