On 11/28/02 5:37 AM, "Lisa" <[EMAIL PROTECTED]> tapped the keys:
> I was wondering if someone could help me with the following as I am new to
> linux:
>
> I have a firewall with 1 external n/w card and 1 internal n/w card.
>
> A number of machines on the LAN are on this firewall. I have apache running
> on one of the machines inside the firewall. I have one other person who dials
> in from home (outside the f/w using dynamic ip). He wants to be able to connect
> to the instance of apache which is running on the internal machine.
>
> I have tried using DNAT to route any traffic coming in from his range of ip
> addresses to the internal machine, port 80. This doesn't seem to work. I have
> opened up port 80 on the firewall.
>
> Eventually I will have to put in a rule that allows packets from any external
> address to be sent to this machine using port 80.
>
> Could someone help me with either of these problems?

If you're using SNAT/Masquerading and have forwarding enabled, try this:

    iptables -A FORWARD -i eth0 -o eth1 -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
    iptables -A PREROUTING -t nat -p tcp -d ext.ip.add.ress --dport 80 -j DNAT --to int.ip.add.ress:80

Where eth0 is your external interface and eth1 is internal. Modify as needed.

Is that what you're after?

-- 
Ed Marczak
[EMAIL PROTECTED]
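
Added example, not part of Ed's message or the original thread: a POSIX shell helper that prints, for review before applying, the rules for this port forward with the optional source-range restriction Lisa describes. It matches the forwarded packet on the internal address, because nat PREROUTING rewrites the destination before the FORWARD chain sees it. The function name, the reply rule and all addresses are constructed assumptions.

```sh
#!/bin/sh
# Added example: prints (does not apply) the iptables rules for one TCP
# port forward. Function name and all addresses are constructed.

# usage: dnat_rules EXT_IF INT_IF EXT_IP INT_IP PORT [SRC_CIDR]
dnat_rules() {
    ext_if=$1; int_if=$2; ext_ip=$3; int_ip=$4; port=$5; src=${6:-}

    # Accept only a numeric TCP port in 1..65535.
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port: $port" >&2
        return 1
    fi

    # Optional source restriction, applied in both the nat and filter tables.
    from=""; to=""
    if [ -n "$src" ]; then
        from=" -s $src"
        to=" -d $src"
    fi

    # nat/PREROUTING rewrites the destination before the routing decision ...
    echo "iptables -t nat -A PREROUTING -i $ext_if -p tcp$from -d $ext_ip --dport $port -j DNAT --to-destination $int_ip:$port"
    # ... so FORWARD sees the internal address, not the external one.
    echo "iptables -A FORWARD -i $ext_if -o $int_if -p tcp$from -d $int_ip --dport $port -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT"
    # Replies from the web server (assumption: FORWARD does not already
    # accept established traffic leaving the LAN).
    echo "iptables -A FORWARD -i $int_if -o $ext_if -p tcp -s $int_ip --sport $port$to -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# Constructed sample: port 80 reachable only from 198.51.100.0/24.
dnat_rules eth0 eth1 203.0.113.10 192.168.1.20 80 198.51.100.0/24
```

Omitting the last argument produces the unrestricted form for the later "any external address" case.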