[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Invalid httpd logs with port forwarding


Simply put, is there a way to do port forwarding without having the
source address modified?

Here is the problem: I'm using the following rules to forward port 80
trafic to a HTTP server behind a firewall:

iptables -t nat -A PREROUTING -p tcp --dport 80 -d -j DNAT
iptables -A FORWARD -p tcp --dport 80 -d -m state --state

The port forwarding works just fine, but all log entries on the HTTP
server show the same source address, which is the local address of the
firewall ( I'd like the logs to show the real IP address of
the client from which the connection originates.

Any help, pointer or suggestion would be appreciated.


Dominic Duval		
SOLIDD Technologies, www.dd.qc.ca
Cell: 514-581-7975, ICQ: 4251006, MSN: dduval2@hotmail.com

Reply to: