I'm tinkering with a setup at home. I am currently using a Linksys
BEFSR41 4-port Cable/DSL router to share my cable service and have port
80 forwarded to a Debian potato box running Apache. It seems obvious
now, I suppose, but when reviewing my web logs, all connections are
logged as coming from the Linksys' internal address. It's not a busy
site, but I'd like to keep track of who is connecting and I'd also like
to get my hands dirty by setting up a firewall myself.
Were I to replace the Linksys firewall/router with an ipchains (or
iptables?? recommendations?) firewall on the web server, would the
public source IPs of connections show up in Apache's logs? I imagine
that they would since web connections wouldn't be NAT'd/MASQ'd.
For security's sake, if kept them seperate and ran the
ipchains/iptables on a seperate box using port forwarding to the web
server (using a private IP), would I have the same problem?
Any advice or guidance is appreciated! Thanks.
