i'm not familiar with rinetd, but if you use netfilter to do dnat the source address will be maintained. just make sure internal boxes hit the webserver directly, on the internal ip, rather than through the external one so they don't get confused by packets coming back directly from the web server. something like this should work: /sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d $EXTIP --dport 80 \ -j DNAT --to-destination $WEBSERVER:80
/sbin/iptables -A FORWARD -p tcp -d $WEBSERVER --destination-port 80 -j ACCEPT xn On Wed, Apr 10, 2002 at 11:01:25AM +0700, N. A. Hilal wrote: > dear, > > i have webserver (running on localnet rfc1918) stay behind a > firewall (using rinetd for redirecting), the apache's log > read all access from the internal interface's firewall > instead of the original source address. > > any idea how can i log the original source ipaddress's > anyone who access my webserver even i use redirecting..? > > thx, > N. A. Hilal > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
