iptables: forwarding internal webserver
Hi,
I have a router<->firewall<->LAN with the firewall being a Linux box. The
firewall runs (among others) a webserver. When from within the LAN a
webpage is requested with the external IP, the browser gives a time-out
because the router freaks out when his own IP is requested from within.
What I would like to do is that queries made to the external IP $ext_ip
from the LAN $lan_ip is forwarded to the server directly, $server_ip.
I have rtfm and stfw and came up with the following two lines:
$IPTABLES -t nat -A PREROUTING -p tcp -i $lan_iface -s $lan_ip -d $ext_ip -j DNAT --to $server_ip
$IPTABLES -t nat -A POSTROUTING -o $lan_iface -j MASQUERADE
Another form I have been playing around with:
$IPTABLES -t nat -A PREROUTING -d $ext_ip -p tcp -j DNAT --to $server_ip
$IPTABLES -t nat -A POSTROUTING -d $server_ip -s $local_lan -p tcp -j SNAT --to $server_ip
neither of them seem to work. I must be overlooking something. Can someone
help?
Thanks in advance,
Sebastiaan
--
NT is the OS of the future. The main engine is the 16-bit Subsystem
(also called MS-DOS Subsystem). Above that, there is the windoze 95/98
16-bit Subsystem. Anyone can see that 16+16=32, so windoze NT is a
*real* 32-bit system.
Reply to: