On Tue, Feb 26, 2002 at 04:10:36PM -0800, Karl M. Hegbloom wrote: > I agree, since putting that at the netfilter level obviates the need > for special purpose code in any arbitrary application needing access > to the DMZ via an IP returned by a DNS lookup that hands back the > router's external IP. It also eliminates needing to separately > configure whatever peice of software that may be, and the requirement > of an internal DNS server, hosts entry, or separate dmz domain > visible only from the internal network.
Thanks for your comment. The issue has already been resolved, since there now is a local-nat patch in patch-o-matic which fully supports DNAT in OUTPUT. We will submit it for kernel inclusion soon. > mailto: (Karl M. Hegbloom) [EMAIL PROTECTED] -- Live long and prosper - Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/ ============================================================================ GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M+ V-- PS++ PE-- Y++ PGP++ t+ 5-- !X !R tv-- b+++ !DI !D G+ e* h--- r++ y+(*)
