[ previous ] [ next ] [ threads ]
 
 From:  "David Cavanaugh" <dcavanaugh at thewebpros dot net>
 To:  "Richard Parvass" <Richard dot Parvass at aaland dot co dot uk>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Accessing internal hosts via external IP
 Date:  Fri, 1 Apr 2005 10:40:39 -0500 
Richard:

Yeah. I had read that FAQ entry; it is what prompted me to ask the
question the way I did. I still maintain the FAQ for ipfilter is a bit
ambiguous-- only mentioning rdr. Perhaps there's another facility or
combination of facilities that could accomplish the same thing. For
instance, there's no *one* command that will accomplish this in
iptables. However, using a combination of two commands, viola!

The reason for my persistence is the fine line between "impossible" and
"not supported".

Apologies,

Dave


-----Original Message-----
From: Richard Parvass [mailto:Richard dot Parvass at aaland dot co dot uk] 
Sent: Friday, April 01, 2005 8:56 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Accessing internal hosts via external IP

Please see FAQ: http://www.m0n0.ch/wall/docbook/faq-lannat.html 

-----Original Message-----
From: David Cavanaugh [mailto:dcavanaugh at thewebpros dot net] 
Sent: Thursday, March 31, 2005 7:13 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Accessing internal hosts via external IP

Using iptables we were able to access internal machines via their public
IPs using commands similar to:

iptables -t nat -A PREROUTING -i $INTERNAL_INTERFACE -d
$EXTERNAL_ADDRESS -j DNAT --to $INTERNAL_ADDRESS

iptables -t nat -A POSTROUTING -o $INTERNAL_INTERFACE -d
$INTERNAL_ADDRESS -s $DMZ_NETWORK -j SNAT --to $DMZ_GATEWAY

And it worked for years-- no problems.

Now, since I am totally ignorant concerning ipfilter and ipfw, can
anyone unequivocally say that is impossible in m0n0wall?

I'm only curious.

Thanks,

Dave

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

The information in this e-mail and any files transmitted with it is
confidential
and may be legally privileged. It is intended solely for the addressee
and
others authorised to receive it. If you are not the intended recipient,
any
disclosure, copying, distribution or action taken in reliance on its
contents
is prohibited and may be unlawful.

The opinions expressed in this message are that of the sender and not
necessarily those of Aaland Limited. If you have received this e-mail in
error please notify postmaster at aaland dot co dot uk



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch