-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday 20 November 2002 10:59, [EMAIL PROTECTED] wrote: > I'm using a DSL line for connecting to the internet and I'm trying to > run a jabber server. > The problem I have is that the jabber server stores each account with > a FQDN. Because I want to use my account from the internet and from > my LAN, I want to connect from my LAN to my external IP that is > shared via dynamic DNS. > > The jabber server runs on a machine behind the firewall and the port > is forwared with destination NAT (DNAT). > [...] > If someone has a hint or a solution which firewall rules to add or > delete to connect to my external assigned IP from my LAN, please send > me an email.
Normally, you should just have to use the DNS name you're using from within the LAN. Your box then looks up the name, gets the assigned dynamic IP, connects to your gateway server and is forwarded to your jabber server. A problem might arise if you're specifying the DNAT based on the device on which packets are received, so you might want to make sure that the DNAT rule catches traffic from within your LAN as well. Something like iptables -t nat -I PREROUTING -p <protocol> -s <yournetspec> --dport <jabberport> -j DNAT --to <jabberserver>:<jabberport> should do the trick. Also make sure you don't block jabber traffic coming from inside your net. - -- Embedded Linux -- True multitasking! TWO TOASTS AT THE SAME TIME! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) iD8DBQE926VYeOF0+zcVdv8RAtBQAJ9PcOGsm7uy07Slt71iMQXxnfM9wQCfQkMb yhSeo+qoCuBmjp+16WFFQbo= =2wqh -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
