Vineet Kumar wrote:
* Markus Kolb ([EMAIL PROTECTED]) [031020 12:47]:
Hello,
how can I setup a forwarding rule with ipchains that a connect to host A
is redirected to the Apache-SSL webserver listening on host B.
I want to have a transparent forwarding. The user should enter the
address from host A in his browser and the webserver from host B should
answer the requests.
The webserver on host B is listening to all addresses at the specific
port 423.
So at the moment I try with
ipmasqadm autofw -A -v -r tcp 423 423 -h "${IP from host B}"
on host A.
If I try to connect https://IP_host_A:423/ I get a connection timeout.
I've just dumped the traffic with ethereal.
First there is an ICMP Redirect.
The browser sends a SYN request to the right host B from port 2090 to 423.
Host B answers with a SYN ACK to browser host from 423 to 2090.
After this browser sends a reset from 2090 to 423 at host B.
It sounds like you're trying to do this on a host which is not a router
between the browser host and host B.
It is a router and it forwards the port.
But only from the outside world, not the LAN side.
I've just tested it from another host in the Internet.
I think I need another masq rule in my forward chain. ;o)
Many thx for your answer
