Re: [Astlinux-users] Hairpin NAT

Fri, 17 Apr 2020 14:42:13 -0700 

Well there you go. Why haven’t I seen this before!
Can you see any reason why I wouldn't turn this on by default for all my sites?

Thanks so much.

Regards
Michael Knill

On 18/4/20, 7:30 am, "Lonnie Abelbeck" <li...@lonnie.abelbeck.com> wrote:



    > On Apr 17, 2020, at 4:22 PM, Michael Knill 
<michael.kn...@ipcsolutions.com.au> wrote:
    > 
    > Hi Group
    >  
    > I should know this but is it possible for Astlinux to do hairpin NAT e.g. 
they can do http://<external IP>:<external port> connecting to an internal host 
both internally and externally?
    > If not then I assume the only way is to use DNS and resolve to the 
internal host address when internal.
    >  
    > Thanks

    The "nat-loopback" plugin should do what you want.

    =====================
    # 
------------------------------------------------------------------------------
    #             -= Arno's iptables firewall - NAT Loopback plugin =-
    # 
------------------------------------------------------------------------------

    # To actually enable this plugin make ENABLED=1:
    # 
------------------------------------------------------------------------------
    ENABLED=0

    # NAT Loopback for local nets using existing NAT_FORWARD_TCP and 
NAT_FORWARD_UDP
    # rules.
    # Note: The default external IPv4 address is obtained from the first
    #       interface defined in the EXT_IF variable.
    #
    # Limit local nets by defining NAT_LOOPBACK_NET, a space separated list.
    # Defaults to NAT_INTERNAL_NET if not defined.
    #
    # Example:
    #   NAT_LOOPBACK_NET="192.168.1.0/24"
    # (IPv4 Only)
    # 
------------------------------------------------------------------------------
    NAT_LOOPBACK_NET=""

    # When local servers are in another LAN they are unreachable (by default) 
unless
    # FORWARD rules are created.  When NAT_LOOPBACK_FORWARD is set to "1" the
    # FORWARD rules to the servers are created for all subnets in 
NAT_LOOPBACK_NET.
    #
    # Defaults to no added forwards if not set to "1"
    # 
------------------------------------------------------------------------------
    NAT_LOOPBACK_FORWARD=0
    =====================

    Lonnie





    _______________________________________________
    Astlinux-users mailing list
    Astlinux-users@lists.sourceforge.net
    https://lists.sourceforge.net/lists/listinfo/astlinux-users

    Donations to support AstLinux are graciously accepted via PayPal to 
pay...@krisk.org.


_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to 
pay...@krisk.org.

Reply via email to