saya lagi baca-baca http://www.brennan.id.au/06-Firewall_Concepts.html,
dibagian "Destination NAT" terdapat:
# iptables -P INPUT ACCEPT
# iptables -P FORWARD DROP
# iptables -P OUTPUT ACCEPT
# iptables -A FORWARD -i eth1 -o ppp0 -s 192.168.1.0/24 -j ACCEPT
# iptables -A FORWARD -i ppp0 -o eth1 -p tcp --dport 80 -j ACCEPT
# iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j
DNAT --to-destination 192.168.1.2:80
# echo 1 > /proc/sys/net/ipv4/ip_forward
kalo misalnya jaringan seperti dibawah ini, bagaimana jadinya ya?
/-----------------------\
Remote Computer --- | ppp0 : 123.123.123.2 | /---WebServer
(Internet Zone) | eth1 : 192.168.1.1 | ---
| eth2 : 192.168.2.1 | \---Mail
\-----------------------/
|
LAN
(192.168.2.0/24)
Cat:
Web Server : 192.168.1.2 -> http://www.example.com
Mail Server : 192.168.1.4 -> http://mail.example.com
pertanyaannya, bagaimana hubungan DNS Server dengan DNAT?
apa berarti di DNS Server harus dibuat (misalnya) seperti ini? supaya
resolve ke satu IP 123.123.123.2 lalu di redirect ke 'Server Local' Web/Mail
Server?
---
$TTL 172800
$ORIGIN example.com.
@ IN SOA ns.example.com. hostmaster.example.com. (
01 ; Serial
10800 ; Refresh after 3 hours
3600 ; Retry after 1 hour
604800 ; Expire after 1 week
172800 ); Minimum TTL of 2 days
IN NS ns.example.com.
MX 0 mail.example.com.
IN A 123.123.123.2
ns IN A 123.123.123.2
www IN A 123.123.123.2
mail IN A 123.123.123.2
---
lalu bagaimana redirect akses dari luar ke IP http://mail.example.com
(192.168.1.4) yang sama-sama listen di port 80?
--
FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab
Unsubscribe: kirim email ke [EMAIL PROTECTED]
Arsip dan info milis selengkapnya di http://linux.or.id/milis
