Restating your problem: everything works as expected for requests originating from the public internet, but any requests originating from the LAN behind your firewall get denied.

This could very well be an IPFW firewall rules problem. You have to have an IPFW rule to allow all originating LAN traffic to pass through the firewall. For each LAN NIC card you have on your GATEWAY/IPFW FBSD box, you must have a corresponding rule in the IPFW rules file like this:

    allow all from any to any via xl0

where xl0 is the FBSD NIC card device name of your LAN NIC card. This rule is normally located at the beginning of the IPFW rules file.

If you still need help, post your IPFW rules file for review.

Joe

-----Original Message-----

Hi.

I changed my network setup a while ago. I had to put everything behind a firewall router due to a denial of service attack.. So now, I am specifying a “static” IP in my rc.conf, but it’s a local one, 192.168.1.20, and I port forwarded all the services to that IP. The problem is, you can all go to my site, http://www.unixhideout.com, but if I click that URL, my router pass box pops up… I had to temporarily change ALL the links in my site, for example <img src="http://www.unixhideout.com/img/blah.gif to <img src="/img/blah.gif.. and I access the box using http://192.168.1.20. I don’t want to have to do this, and a lot of things do not work for me and it’s my site!!

Well, I posted this a while ago, and a lot of people said if I ran my own DNS for my domain, I could stop this from happening.. Well, I took the time to learn DNS a bit, and I’m running it now, and I was wondering exactly what I need to do.. In my
unixhideout.com.hosts I specified this..

    $ttl 38400
    unixhideout.com.            IN  SOA    labs. root.unixhideout.com. (
                                           1025839968
                                           10800
                                           3600
                                           604800
                                           38400 )
    unixhideout.com.            IN  NS     labs
    labs.unixhideout.com.       IN  A      65.187.193.189
    root.unixhideout.com.       IN  RP     root.unixhideout.com. admin
    Host-Info.unixhideout.com.  IN  HINFO  INTEL FreeBSD
    mail.unixhideout.com.       IN  MX     10 65.187.193.189
    unixhideout.com.            IN  A      65.187.193.189
    mail.unixhideout.com.       IN  A      65.187.193.189
    smtp.unixhideout.com.       IN  A      65.187.193.189
    www.unixhideout.com.        IN  A      65.187.193.189
    pop3.unixhideout.com.       IN  A      65.187.193.189
    irc.unixhideout.com.        IN  A      65.187.193.189
    email.unixhideout.com.      IN  A      65.187.193.189
    ftp.unixhideout.com.        IN  A      65.187.193.189

Everything works.. You guys (the net) can go to my site and use
all the services. But I cannot.. I tried changing all those IPs to 192.168.1.20, and then I could use unixhideout.com and you couldn’t!! I’m losing my patience! Please tell me what I have to do for the internet AND ME to be able to use the domain I paid for! =] And when you explain, pretend I’m 2 years old. I’m fragile.

Thanks!

sagacious (Mike)
Network administrator
The unixhideout network
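
Added example, not part of either message above and not either poster's configuration: the original message reports that the zone works for the internet with 65.187.193.189 and for the LAN with 192.168.1.20, which is the case a split-horizon setup covers, sketched here as BIND 9 named.conf views. It assumes the name server is BIND 9, that the LAN is 192.168.1.0/24 and its clients use 192.168.1.20 as their resolver; the ACL name "lan" and the file name unixhideout.com.internal.hosts are hypothetical.

```conf
// Constructed example: split-horizon views for unixhideout.com.
// Assumption: LAN is 192.168.1.0/24 (inferred from the 192.168.1.20
// address in the message); "lan" is a hypothetical ACL name.
acl "lan" {
    127.0.0.1;
    192.168.1.0/24;
};

// Views are matched in order, so the LAN view must come first.
view "internal" {
    match-clients { "lan"; };

    // LAN hosts use this server as their resolver, so they need
    // recursion for names outside unixhideout.com.
    recursion yes;

    zone "unixhideout.com" {
        type master;
        // Hypothetical file: a copy of unixhideout.com.hosts in which
        // every A record holds 192.168.1.20 instead of 65.187.193.189.
        file "unixhideout.com.internal.hosts";
    };
};

view "external" {
    match-clients { any; };

    // Answer authoritatively only; refusing recursion keeps the
    // server from acting as an open resolver for the internet.
    recursion no;

    zone "unixhideout.com" {
        type master;
        // The zone file from the message, public address unchanged.
        file "unixhideout.com.hosts";
    };
};

// Once any view is defined, BIND 9 requires every zone statement to
// live inside a view; move other zones into the view(s) they serve.
```

Both zone files carry their own SOA serial, so a record added to one has to be added to the other and both serials raised. `named-checkconf` validates the view layout before a reload.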