On Wed, Jul 31, 2002 at 12:47:04AM +0200, Damian Jurzysta wrote:

> I did try to connect from the internet when the rdr was set to the
> external interface, that's what refuses to work, and I don't understand
> why.

The rules you quoted are not the cause of the problem (assuming you quoted precisely what you had actually loaded). But there were several people reporting this kind of problem who discovered after quite some debugging that their ISP was blocking incoming connections to port 80.

Run tcpdump -i vr0 and connect from the outside, do you see an incoming TCP SYN? If you see it, run tcpdump -i xl0 and repeat, do you see the translated packet go into your LAN to the web server? If so, run tcpdump on the web server to see if the packet arrives there, and whether a SYN+ACK is sent in reply. If even that happens, check whether the reply makes it back to the firewall. You set the web server's default gateway to the internal address of the firewall, didn't you?

Daniel
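
Added example, not part of the original message: a small Python helper that walks saved tcpdump text from the three capture points named above (external interface, LAN interface, web server) and reports the first point where the expected SYN or SYN+ACK is missing. It assumes modern `tcpdump -n` line format; the function names and all addresses in the sample captures are constructed for illustration.

```python
import re

# Modern `tcpdump -n` TCP line (assumed format), e.g.:
# 12:00:01.10 IP 203.0.113.5.40000 > 198.51.100.10.80: Flags [S], seq 1, length 0
PKT = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]+)\]")

def seen(lines, flags, port, src=None, dst=None):
    """True if a packet with exactly these flags is in the capture.
    SYN ("S") matches on destination port, SYN+ACK ("S.") on source port."""
    for line in lines:
        m = PKT.search(line)
        if not m or m.group(5) != flags:
            continue
        s_ip, s_port, d_ip, d_port = m.group(1), int(m.group(2)), m.group(3), int(m.group(4))
        if flags == "S" and d_port == port and dst in (None, d_ip):
            return True
        if flags == "S." and s_port == port and src in (None, s_ip):
            return True
    return False

def first_break(ext, lan, server, server_ip, port=80):
    """Check the capture points in the order given in the message and
    return the first one where the expected packet is missing."""
    if not seen(ext, "S", port):
        return "no SYN on external interface (filtered upstream, e.g. by the ISP?)"
    if not seen(lan, "S", port, dst=server_ip):
        return "SYN not translated onto the LAN interface"
    if not seen(server, "S", port, dst=server_ip):
        return "SYN never reaches the web server"
    if not seen(server, "S.", port, src=server_ip):
        return "web server sends no SYN+ACK"
    if not seen(lan, "S.", port, src=server_ip):
        return "SYN+ACK does not return to the firewall (check default gateway)"
    return "handshake passes every capture point"

# Constructed sample captures (documentation addresses, not from the thread).
EXT = ["12:00:01.10 IP 203.0.113.5.40000 > 198.51.100.10.80: Flags [S], seq 1, length 0"]
LAN = ["12:00:01.11 IP 203.0.113.5.40000 > 192.168.1.10.80: Flags [S], seq 1, length 0"]
SRV = LAN + ["12:00:01.12 IP 192.168.1.10.80 > 203.0.113.5.40000: Flags [S.], seq 9, ack 2, length 0"]

if __name__ == "__main__":
    # The server replies, but the reply never shows up on the firewall's LAN side.
    print(first_break(EXT, LAN, SRV, "192.168.1.10"))
```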