You don't know why it works? Or you don't know why it does not work ? I think it doesn't work... If you have Internet connected Webserver and there is requirement to establish a connection over localnetwork to internet, the webserver try to respond over his internet connection, because server know diferent way to the Internet then your firewall.
That's why. Tomfi Makara napsal(a): > Hi all, > > I have 2 internet connections ip $ipinet1 for other > traffics and $ipinet2 for mail it works properly. > I want to allow the connection from internet connect > to my local web server(172.16.0.4) via $ipinet1 so I > do port forwarding > > iptables -A PREROUTING -t nat -i $ifinet1 -d $ipinet1 > -p tcp --dport 80 -j DNAT --to 172.16.0.4:80 > > I allow FORWARD Rule from firewall to my local > webserver > > iptables -A FORWARD -m state --state > RELATED,ESTABLISHED -j ACCEPT > > iptables -A FORWARD -p tcp --dport 80 -i $ifinet1 -o > $iflocalnet -j ACCEPT > > I don't know why it does work? if you have any idea > please help. > > Thanks > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]