Hello, I set up machine #1 to act as just a packet filtering machine, and machine #2 to run apache. Whenever I look at the apache access logs, the only IP that shows up is that of the firewall's. Although people can get to the site this way, I can't analyze where my traffic is coming from, etc. How do I set it up so that the IP of the actual user shows up in my logs? Someone in #debian told me that I shouldn't NAT the external addresses. I don't know what that means. These are the two lines that do the operation in question.
iptables -A INPUT -i eth0 -m state --state NEW,ESTABLISHED,RELATED -p tcp -s 0.0.0.0/0 -d 192.168.1.1 --dport 80 -j ACCEPT iptables -A PREROUTING -t nat -p tcp -d 192.168.1.1 --dport 80 -j DNAT --to 192.168.1.2:80 Thanks in advance! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
