Hi, I have a webserver running in my dmz. IP: 192.168.2.5.
net = enp1s0, IP = 1.2.3.4 (public ip) loc = enp2s0, IP = 192.168.1.1 dmz = enp3s0, IP = 192.168.2.1 Let's assume my domain is mydomain.com and public IP is 1.2.3.4. Hosts on the internet can reach mydomain.com. Hosts on loc can reach webserver on dmz:192.168.2.5 using internal ip. The web application runs in a docker container on 192.168.2.5. There is a function in there to generate a pdf and that code calls itself and the pdf is generated. I'm not the dev of the app, so I don't know the details. Ok, when access internally using 192.168.2.5 pdf is generated just fine. When trying from the internet it does not work. The problem is then that the pdf code tries to call itself using the public ip 1.2.3.4. That fails. I've seen this issue before but then it was some SOAP call trying to call itself using the pub ip. I solved that by putting the following in /etc/hosts on the webserver: 192.168.2.5 mydomain.com Then the SOAP called itself using 192.168.2.5 regardless of internal og external request. However, this approach does not work in my current issue. I've looked at faq 2 and also proxy arp. If I could make pub IP to work on the webserver I guess the app will work as the dev expects. Hope this makes sense and I've managed to explain what I'm trying to do :-) What is best practice here? Thanks, -Øyvind _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
