I have been reading http://www.brennan.id.au/06-Firewall_Concepts.html; the "Destination NAT" section has:

# iptables -P INPUT ACCEPT
# iptables -P FORWARD DROP
# iptables -P OUTPUT ACCEPT
# iptables -A FORWARD -i eth1 -o ppp0 -s 192.168.1.0/24 -j ACCEPT
# iptables -A FORWARD -i ppp0 -o eth1 -p tcp --dport 80 -j ACCEPT
# iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.2:80
# echo 1 > /proc/sys/net/ipv4/ip_forward

If the network looks like the one below, how would this work?

                    /-----------------------\
Remote Computer --- | ppp0 : 123.123.123.2  |     /---WebServer
(Internet Zone)     | eth1 : 192.168.1.1    | --- |
                    | eth2 : 192.168.2.1    |     \---Mail
                    \-----------------------/
                                |
                       LAN (192.168.2.0/24)

Note:
Web Server  : 192.168.1.2 -> http://www.example.com
Mail Server : 192.168.1.4 -> http://mail.example.com

My question: how does the DNS server relate to DNAT? Does it mean the DNS server has to be set up (for example) like this, so that the names resolve to the single IP 123.123.123.2 and are then redirected to the 'local server' Web/Mail Server?

---
$TTL 172800
$ORIGIN example.com.
@       IN      SOA     ns.example.com. hostmaster.example.com. (
                        01      ; Serial
                        10800   ; Refresh after 3 hours
                        3600    ; Retry after 1 hour
                        604800  ; Expire after 1 week
                        172800 ); Minimum TTL of 2 days
        IN      NS      ns.example.com.
                MX      0 mail.example.com.
        IN      A       123.123.123.2
ns      IN      A       123.123.123.2
www     IN      A       123.123.123.2
mail    IN      A       123.123.123.2
---

And then how do I redirect access from outside to the IP of http://mail.example.com (192.168.1.4), which also listens on port 80?
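
Added illustration, not part of the original post and not iptables itself: a small Python model of the PREROUTING DNAT match from the quoted rule, showing that the rule sees only the inbound interface, protocol and destination port, so www and mail behind the same public IP on port 80 look identical to it. The external port 8080 and all class and function names are assumptions made for the example.

```python
# Added illustration: a simplified model of the nat PREROUTING chain,
# not iptables itself. Only the fields the page's rule matches on are modelled.
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    in_iface: str
    proto: str
    dst_ip: str
    dport: int
    http_host: str  # application payload; the rules below never read it


@dataclass(frozen=True)
class DnatRule:
    in_iface: str
    proto: str
    dport: int
    to_destination: str

    def matches(self, p: Packet) -> bool:
        # Same match set as: -i <iface> -p <proto> --dport <port>
        return (p.in_iface, p.proto, p.dport) == (self.in_iface, self.proto, self.dport)


def prerouting(rules: List[DnatRule], p: Packet) -> Optional[str]:
    """First matching rule rewrites the destination; None means no DNAT."""
    for rule in rules:
        if rule.matches(p):
            return rule.to_destination
    return None


def from_internet(host: str, dport: int) -> Packet:
    # Both names resolve to 123.123.123.2 in the zone file above.
    return Packet("ppp0", "tcp", "123.123.123.2", dport, host)


# The rule quoted from the "Destination NAT" section.
PAGE_RULES = [DnatRule("ppp0", "tcp", 80, "192.168.1.2:80")]
# A second port-80 rule for the mail host is shadowed by the first.
SHADOWED = PAGE_RULES + [DnatRule("ppp0", "tcp", 80, "192.168.1.4:80")]
# Assumption for illustration: external port 8080 is forwarded to the mail host.
SPLIT_BY_PORT = PAGE_RULES + [DnatRule("ppp0", "tcp", 8080, "192.168.1.4:80")]

if __name__ == "__main__":
    for name, rules in [("page", PAGE_RULES), ("shadowed", SHADOWED), ("split", SPLIT_BY_PORT)]:
        for host, port in [("www.example.com", 80), ("mail.example.com", 80), ("mail.example.com", 8080)]:
            print(name, host, port, "->", prerouting(rules, from_internet(host, port)))
```

Telling the two names apart on port 80 itself needs something that reads the HTTP Host header, which a DNAT rule does not do.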