Board index Linux Networking

ipchains + ipmasqadm Forwarding Issues

ipchains + ipmasqadm Forwarding Issues

Post by Eric Enrig » Tue, 04 Dec 2001 15:31:56



Hi!

I have a problem that I know is (or at least was) a known issue, that
I can't find a way around.
I have a router/firewall that provides masq'd access to the net for a
few machines in my home.  I want to setup a DMZ on the local LAN
(192.168.x.x), and forward some ports, like 80, to it.  Everything
works remotely, but not internally.  I thought I had found a way
around this, by using a slightly different domain name pointing to the
internal address, only to discover that when accessing some files
symlinked in another directory from the document root (a separate
hardrive, actually), the way Apache looked it up made it use the
external name, so no go.

If anyone has a suggestion as to how I could get this working I would
greatly appreciate it.

-E/E

 
 
 
Top

ipchains + ipmasqadm Forwarding Issues

Post by Dean Thompso » Tue, 04 Dec 2001 21:50:00


Hi!,

Quote:> I have a problem that I know is (or at least was) a known issue, that
> I can't find a way around.
> I have a router/firewall that provides masq'd access to the net for a
> few machines in my home.  I want to setup a DMZ on the local LAN
> (192.168.x.x), and forward some ports, like 80, to it.  Everything
> works remotely, but not internally.  I thought I had found a way
> around this, by using a slightly different domain name pointing to the
> internal address, only to discover that when accessing some files
> symlinked in another directory from the document root (a separate
> hardrive, actually), the way Apache looked it up made it use the
> external name, so no go.

> If anyone has a suggestion as to how I could get this working I would
> greatly appreciate it.

I know that the iptables document suggests that this problem is as a result of
the OUTPUT chain being evaluated and not the FORWARD/PRE-ROUTING chain which
is normally consulted.  I am not sure whether there is a solution available
for the ipchains/ipmasqadm solution.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

 
 
 
Top

1. Kernel 2.2.1:IPCHAINS:IPPORTFW:IP port forwarding: IP Masq: ipmasqadm

Thanks to a kind soul from this forum (gweeks) we've just saved $5000 on
new firewall software.

Remember to compile Kernel 2.2.1 with the experimental options under
"Code maturity level options" and the you will have access to the IP
port forwarding options under "Networking options".

Only then can your IP port forward work.  Maybe you all know this, and
I'm slow.  Hope this helps someone besides me.  (I can't wait for you to
pick this up on Dejanews.)

:-)

2. tcpdump output of port forwarding of 80

3. port forwarding problems (ipmasqadm + ipchains)

4. Need RAID for SCO V3.0

5. ipchains, ipmasqadm and port forwarding to apache

6. NIS question

7. ipchains port forward, ipmasqadm mfw

8. Chicago: WWW Developer

9. Getting ipmasqadm to play nice with ipchains rules for port forwarding

10. Can't forward ports w/ ipchains ipmasqadm

11. ipmasqadm & ipchains: port forwarding

12. IP forwarding with ipmasqadm, ipchains and a static dial-up connection

13. IPCHAINS & IPMASQADM Port Forwarding


All times are UTC
Board index