/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Rodrigo Morais Araujo wrote:
> Hi all, I have a few computers in a LAN with a internal ip adress,
> including a web, mail and DNS server inside this LAN without a valid ip
> number. A Linux box with two ethernet adapters, one with a valid ip an
> another with a internal adress masquerading this adress to the internet
> and redirecting a few ports to my mail, web and DNS server.
> When we ask for this services in any were in the internet it's all OK but
> when we try to request a web connection inside LAN to the real ip nothing
> happen diferent if i try to get a internal adress.
>
> My system:
> Linux 2.2.16
> ipchains policy:
> input: ACCEPT
> forward: DENY
> MASQ source 192.168.0.0/24
> output: ACCEPT
>
> ipmasqadm portfw:
> redirecting 80 -> 192.168.0.210:80
this is a well known problem. you haven't done anything
wrong. the kernel just doesn't support internally initiated
port forwarding. either live with it, set up split dns zones
so internal name queries resolve to private addresses but
external queries resolve to public addresses, or download
michael best's kernel patch which fixes the problem from
http://www.com.org/~michael/masq-demasq.zip
raf
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
