Troy
At 08:30 23.05.2004, Troy Aden wrote:
Hello list. I have a question regarding a rule that used to work but since I have upgraded shorewall it does not work anymore... I am running Bering UCLIBC 2 with shorewall 1.4.5. The rule is as follows:
DNAT net loc:192.168.200.150:443 tcp 80
The purpose of this rule is to make sure that all hits from the net on port 80 are directed to the ssl port on a local server. This rule used to work fine but I am not sure why it no longer is working. Conversely, if I set up 2 DNAT rules, one for http and one for https, I can access the server from outside the firewall with no problems. Can anyone please tell me what I could be missing here?
I guess you want port 80 requests to be redirected to 143 for the purpose of forcing a secure connection. I am not sure you can do this without also telling your browser about it, e.g. telling it to use https. This is normally done using a meta redirect on your webserver, but still in clear text.
Have you checked if the packets to port 80 get redirected at your LEAF box (using tcpdump)?
cheers
Erich
THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16
leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
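An added example, not part of the thread: DNAT only rewrites the destination address and port, so a browser sent to the SSL port still speaks cleartext HTTP. The sketch below shows the redirect approach the reply mentions, using an HTTP 301 instead of a meta redirect, on a listener that would sit behind the port 80 DNAT rule. The host name `www.example.test` and all function names are assumptions.

```python
"""Added example: plain-HTTP listener that redirects clients to https://."""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

CANONICAL_HOST = "www.example.test"   # assumption: public name of the web server
ALLOWED_HOSTS = {CANONICAL_HOST}      # names we are willing to echo in Location


def https_location(host_header, path):
    """Build the redirect target without trusting the client-supplied Host."""
    host = (host_header or "").strip().lower().rsplit(":", 1)[0]
    if host not in ALLOWED_HOSTS:     # unknown Host: fall back to our own name
        host = CANONICAL_HOST
    if not path.startswith("/") or path.startswith("//"):
        path = "/"                    # absolute-form or odd request targets
    return "https://" + host + path


class RedirectToHTTPS(BaseHTTPRequestHandler):
    """Answer every cleartext request with a 301 to the https:// URL."""

    def do_GET(self):
        target = https_location(self.headers.get("Host"), self.path)
        self.send_response(301)
        self.send_header("Location", target)
        self.send_header("Content-Length", "0")
        self.end_headers()

    do_HEAD = do_POST = do_GET

    def log_message(self, *args):     # keep the demo quiet
        pass


def probe(host_header, path="/"):
    """Run the redirector on a free loopback port; return (status, Location)."""
    server = HTTPServer(("127.0.0.1", 0), RedirectToHTTPS)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    conn = http.client.HTTPConnection("127.0.0.1", server.server_port, timeout=5)
    try:
        conn.request("GET", path, headers={"Host": host_header})
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print(probe("www.example.test:80", "/login?next=1"))
```

The first request still crosses the network in clear text, as the reply notes, so port 443 needs its own DNAT rule and the redirect only moves the client over to it.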
