You can't do that in a datacenter environment where every custoemr has their
own DNS servers.
From: Kris Maglione [mailto:bsdaemon at comcast dot net]
Sent: Tuesday, October 18, 2005 10:04 AM
To: Chris Dickens
Cc: m0n0wall dash dev at lists dot m0n0 dot ch
Subject: Re: [m0n0wall-dev] 1.3 OS attributes/feature list - no comments?
Chris Dickens wrote:
>Personally, I am happy with the features just as they
>are for m0n0wall, except for the long-standing issue with the inside
>NAT that I continue to rant about. :-)
That issue really isn't /that/ hard to fix; it just requires adding separate
rules to any interfaces that require the NATing. It shouldn't even be that
hard to accomidate in the code. The better solution is really to change the
DNS mapping so that the traffic doesn't have to be routed through the
firewall when it shouldn't need to.