[ previous ] [ next ] [ threads ]
 
 From:  "David Cavanaugh" <dcavanaugh at thewebpros dot net>
 To:  <JSimoneau at lmtcs dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Accessing internal hosts via external IP
 Date:  Thu, 31 Mar 2005 16:33:13 -0500 
Josh:

Hmm. . .

It just seems strange to me that iptables can do something ipfilter/ipfw
cannot. As I said, I'm no BSD anything. Hell, I barely know linux. Even
so, it would be nice to know if such a thing is physically impossible (I
really don't need to know why) with the software that m0n0wall uses--
before I Google myself silly looking for an analogue to the iptable
commands I posted earlier.

Thanks,

Dave

-----Original Message-----
From: JSimoneau at lmtcs dot com [mailto:JSimoneau at lmtcs dot com] 
Sent: Thursday, March 31, 2005 3:29 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Accessing internal hosts via external IP

Dave,

I'd like to see it. A lot of other people would like to see I, toot.
But,
I'm not exactly sure where the issue lies. If I'm remembering correctly
from earlier posts, it's not an easy problem to solve.

Regards,
Josh Simoneau


-----Original Message-----
From: David Cavanaugh [mailto:dcavanaugh at thewebpros dot net] 
Sent: Thursday, March 31, 2005 2:58 PM
To: Josh J Simoneau
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Accessing internal hosts via external IP

Right.

So it's a known issue. Does that mean such a thing would be possible in
the future?

Thanks,

Dave

-----Original Message-----
From: JSimoneau at lmtcs dot com [mailto:JSimoneau at lmtcs dot com]
Sent: Thursday, March 31, 2005 2:44 PM
To: David Cavanaugh
Subject: RE: [m0n0wall] Accessing internal hosts via external IP

Dave,

This is a known issue with monowall. From the LAN you need to access
systems using their LAN IP address. NAT only works from the WAN
interface.

The solution to this is the DNS Forwarder, but that might not be what
you're looking for if you're doing everything by IP address.

Regards,
Josh Simoneau



-----Original Message-----
From: David Cavanaugh [mailto:dcavanaugh at thewebpros dot net]
Sent: Thursday, March 31, 2005 1:13 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Accessing internal hosts via external IP

Using iptables we were able to access internal machines via their public
IPs using commands similar to:

iptables -t nat -A PREROUTING -i $INTERNAL_INTERFACE -d
$EXTERNAL_ADDRESS
-j DNAT --to $INTERNAL_ADDRESS

iptables -t nat -A POSTROUTING -o $INTERNAL_INTERFACE -d
$INTERNAL_ADDRESS
-s $DMZ_NETWORK -j SNAT --to $DMZ_GATEWAY

And it worked for years-- no problems.

Now, since I am totally ignorant concerning ipfilter and ipfw, can
anyone
unequivocally say that is impossible in m0n0wall?

I'm only curious.

Thanks,

Dave

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch