Hello! I came back home (the previous email I was sending from work) and found that DNAT works!!! :)
I wonder why it works now. But it should also work from LAN, am I right? And in my iptables -L | more I had everything you asked me. Now, I'll have to check from work place if it works or not... Thank you!!! askar PS. I don't see "Reply to list", I have only Reply, Reply To ALL, Forward and Invite someone to Gmail. :-( > I trust that this IP address is the public IP address of your firewall. > > I presume that you have also configured your firewall as described here: > > http://shorewall.net/two-interface.htm > > If these two statements are true, then are you sure that your ISP does not > block port 80. > > Check this by looking at what is being blocked in your logs. You should be > able to see your attempts being blocked or dropped by issuing the following > command on the firewall: > # tail -f /var/log/syslog > > If not, then shorewall is not blocking. > > Try issuing the same command on your webserver while trying to browse to it > and you may see it is blocking or dropping. > > If none of these add any info, then issue the following command on your > firewall: > > # iptables -L|more > > This shows what your firewall is actually setup to do with any packets. Look > for the section labelled "Chain net2loc". This is where the DNAT forwarders > should be listed. > > The first entry in this section should be: > > ACCEPT all -- anywhere anywhere state > RELATED,ESTABLISHED > > This means any connection in-bound that is associated with an already > established outbound connect should be allowed. (This is for non-passive FTP > amongst others.) > > The last item should be: > > net2all all -- anywhere anywhere > > This says that anything not already covered in this section gets passed on to > the chain called "net2all" which usually says "DROP". > > The ones in between are where your specific forwarding/DNAT stuff should go. > You should see something like: > > ACCEPT tcp -- anywhere webserver.mynetwork.foo tcp > dpt:80 > > If thats not there, then forwarding is not happening. > > We'll have to look at your config if these lines do not appear. > > > > > Finally: Please reply to the list - not to me personally. These lists > > > offer others the ability to learn and to add input. > > > > I didn't know that messages went to you - I was just clicking reply button. > > Maybe somth wrong with your mail client settings. Please check. > > To the field "TO" I manually changed email address this time. > > In your client, you have to specify "Reply to List", not just "Reply". I know > that exists somewhere in GMail. > > Cheers, > > > > askar > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
