[Nottingham] some iptables magic required
Martin
martin at ml1.co.uk
Sun Jan 2 01:42:55 GMT 2005
Michael wrote:
[...]
> 19 Sept 2001 Why a NATed client fails to access a web server behind an
> iptables firewall ? (2)
>
> iptables -A POSTROUTING -t nat -o \
> $INSIDE_DEVICE -p tcp -s $INSIDE_NETWORK \
> -d $WEB_SERVER --dport 80 -j SNAT --to \
> $INSIDE_IP
[...]
Instead of all the SNAT and DNAT spagetti, you could run bind to serve
DNS for your lan. The local machines could get your lan addresses for
your domains, with all other DNS requests forwarded/cached as required.
I can give you a copy of my setup if you're interested.
Cheers,
Martin
--
----------------
Martin Lomas
martin at ml1.co.uk
----------------
More information about the Nottingham
mailing list