Linksys, ipchains/iptables and Apache

To: debian-firewall@lists.debian.org
Subject: Linksys, ipchains/iptables and Apache
From: "Robb Kidd" <rkidd@ncmec.org>
Date: Tue, 17 Jul 2001 16:39:56 -0400
Message-id: <[🔎] 3B54A29C.D159778F@ncmec.org>

	I'm tinkering with a setup at home. I am currently using a Linksys
BEFSR41 4-port Cable/DSL router to share my cable service and have port
80 forwarded to a Debian potato box running Apache.  It seems obvious
now, I suppose, but when reviewing my web logs, all connections are
logged as coming from the Linksys' internal address.  It's not a busy
site, but I'd like to keep track of who is connecting and I'd also like
to get my hands dirty by setting up a firewall myself.
	Were I to replace the Linksys firewall/router with an ipchains (or
iptables?? recommendations?) firewall on the web server, would the
public source IPs of connections show up in Apache's logs?  I imagine
that they would since web connections wouldn't be NAT'd/MASQ'd.
	For security's sake, if kept them seperate and ran the
ipchains/iptables on a seperate box using port forwarding to the web
server (using a private IP), would I have the same problem?

	Any advice or guidance is appreciated! Thanks.

Reply to:

Follow-Ups:
- Re: Linksys, ipchains/iptables and Apache
  - From: Vineet Kumar <debian-security@virtual.doorstop.net>

Prev by Date: Re: More IPtable help
Next by Date: Re: Linksys, ipchains/iptables and Apache
Previous by thread: Re: Problem pinging the DMZ
Next by thread: Re: Linksys, ipchains/iptables and Apache
Index(es):
- Date
- Thread