Hi, Im trying to set up a 'firewall/proxy' with port forwarding (Using linux 2.2.14, ipchains and ipmasqadm portfw.) When my local machine goes to a public website, the proxy server will rewrite the SOURCE address (as seen by the remote webserver.) So obviously, the masquerading works. In the event our Internet connection is lost, I wish to redirect the web browsing to a local server (ona different subnet). The forwading works, but the SOURCE address according the the 'redirected' www server shows the NON-MASQUERADED address (private lan address). This results in the www server not being able to find the original 'browser'. Why wouldnt the forwarded packets be masqueraded? (rules) # I set all policies to ACCEPT just for debugging/logging purposes..it still # doesnt work..I also tried to use the eth0 and eth1 'LOCAL' addresses # for forwarding #ipchains -P forward ACCEPT #ipchains -A forward -s 172.34.200.0/24 -j MASQ #ipchains -P input ACCEPT #ipchains -P output ACCEPT #loopback forwarding #ipmasqadm portfw -a -P tcp -L 127.0.0.1 80 -R 1.1.1.1 80 #lan ipforwading (eth1) ##ipmasqadm portfw -a -P tcp -L 172.34.200.9 80 -R 1.1.1.1 80 #public IP forwarding (eth0) ##ipmasqadm portfw -a -P tcp -L 2.2.2.2 80 -R 1.1.1.1 80 (all of course WERE in fact uncommented and IP addresses were changed to protect the guilty :-) Thanks in advance, David Tarendash - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
