Hello, I sent this note to the debian-user list the other day, and then realized this would probably be a more appropriate list. Sorry if you're getting it twice, but since I received no responses on the other one, I figured people were ignoring it since it probably shouldn't have been there.
I set up machine #1 to act as just a packet filtering machine, and machine #2 to run apache. Machine #1 forwards all port 80 requests to machine #2. Whenever I look at the apache access logs, the only IP that shows up is that of the firewall's. Although people can get to the site this way, I can't analyze where my traffic is coming from, etc. How do I set it up so that the IP of the actual user shows up in my logs?

Someone in #debian told me that I shouldn't NAT the external addresses. I don't know what that means.

These are the two lines that do the operation in question:

    iptables -A INPUT -i eth0 -m state --state NEW,ESTABLISHED,RELATED -p tcp -s 0.0.0.0/0 -d 192.168.1.1 --dport 80 -j ACCEPT
    iptables -A PREROUTING -t nat -p tcp -d 192.168.1.1 --dport 80 -j DNAT --to 192.168.1.2:80

Thanks in advance!

-- 
The dismantled, half-destroyed Dazed Yugo, amongst the bloody windshields of brothers, dares not make lamentations audible. "Maybe I'll become a Lexus," it hopes.

