Check your httpd-conf file , i'll bet your binding all addresses , and since apache is on the firewall itself ofcourse you get the server you asked for 1.2.3.5 witch is the same as 1.2.3.4, an alias is an alias for the machine you are on not for the machine you want the firewall to serve.
The masquerading works because it points any requests to that alias ( ie the firewall's other address) be sent to another machine. [EMAIL PROTECTED] wrote: > > I'm using netfilter to establish a firewall > for my home network, and mostly everything > is working fine. But there's one quirk that > I noticed right away: > > When I try to access what I'll call apache-B > from the firewall machine, what I get is the > apache server on the firewall machine instead > (I'll call that apache-A). > > Here's my net: > > INET > | > | eth1 (1.2.3.4, 1.2.3.5, 1.2.3.6, 1.2.3.7) <-static > | > FW (PC-A) (apache-A) > | > | eth0 (192.168.2.100) > | > ROUTER (192.168.1.1) > | | | > | | | > | | | PC-D (192.168.1.7) > | | > | | PC-C (192.168.1.6) > | > | PC-B (192.168.1.5) (apache-B) > > I'm nat'ing 1.2.3.5 to 192.168.1.5 > 1.2.3.6 to 192.168.1.6 > 1.2.3.7 to 192.168.1.7 > > From the internet or from PC-B/C/D I can access > apache-B just fine. From everywhere I can access > apache-A as well. But if I use netscape on the > FW machine and point it at 1.2.3.5 (apache-B) what > I get is the local apache server (at 1.2.3.4). > > If I point netscape at 192.168.1.5 I do get apache-B. > > What gives? I've tried all kinds of pre & postrouting > rules and searched the archives, but I can't figure > this out. > > A little help? > > Thanks
