> Since converting an open /26 network to Dachstein-CD and NAT, we have > several unused ip addresses ;> > > For example: > > x.y.z.66 # Dachstein > x.y.z.100 # unused > 192.168.2.10 # internal host > > How can we, for example, portfw tcp port 80 from an unused public > address to an internal host? > > x.y.z.100:80 -> 192.168.2.10:80 > > In other words, how can some remote internet user point her browser at > x.y.z.100 and get the webserver on 192.168.2.10 ???
First, your firewall needs to be configured with the 'extra' IP address: eth0_IP_EXTRA_ADDRS="x.y.z.100" Then you need to allow the desired inbound traffic through the firewall filters. Note that you need to use the indexed list version (not the space-seperated list) so you can specify the destination IP, or your primary external IP is assumed: EXTERN_TCP_PORT0="0/0 www x.y.z.100" Finally, port-forward the service to the internal machine: INTERN_SERVERS="tcp_x.y.z.100_www_192.168.1.1_www" Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
