Hello, I have a masquerade setup on my router in the following way:
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE Additionally I'm prerouting all of the http traffic to a second server (192.168.0.2) because that's where I have my apache running. $IPTABLES -t nat -A PREROUTING -i $EXTIF -p TCP --dport 80 -j DNAT --to 192.168.0.2:80 This works great ... when I'm on the outside network I can get to my web server and all my internal clients have access to the internet. The problem is that when I'm on the internal network (192.168.0.x) and I'm trying to get to my web server let's say: www.bla.com which has public ip say: 139.142.1.100 the prerouting rule above does not work anymore. It just looks for a web server running on the router machine which is not what I want. I suspect I know why it's doing it, but I'm not sure what the solution is ... or if there even is any. My understanding of NAT is that it is translating the addresses only in one direction, so the problem I'm having arises because I'm asking it to do NAT in the direction that it is not setup to work. My temporary solution is to go to the web server by typing http://192.168.0.2 but this is not what I want at all. I also tried taking out the -i $EXTIF from my rule but that didn't help either: $IPTABLES -t nat -A PREROUTING -p TCP --dport 80 -j DNAT --to 192.168.0.2:80 Any ideas anyone? Thanks, Tomas _______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
