[ previous ] [ next ] [ threads ]
 
 From:  dave <dave at rodrig dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Custom RDR NAT rules: How to add?
 Date:  Sun, 15 Feb 2004 21:11:14 -0500
First off,

Congrats, Manuel, on the milestone acheived today by m0n0wall! I 
discovered the project back around pb24 and from the start, I was 
astounded at your level of committment and energy. Whenever I suggest 
m0n0wall, I *always* make a point to comment on this aspect of the 
project.

Now my question:

We all know about the DNS overrides that need to be in place in order 
for LAN hosts to be able to access DMZ hosts by hostname. On OpenBSD, I 
overcame this problem with RDR NAT rules which said basically:

rdr xl0 <public ip address> port 80 -> 192.168.95.5 port 80 tcp

Where xl0 is my LAN interface and the public ip address is whatever 
dmz.host.com resolves to. This worked beautifully.

How would I go about adding a similar rule using exec.php?? Is it 
possible?

Also, is there a chance we might someday see a checkmark in the webgui 
along the lines of "Add Server/1:1 NAT RDR rules from LAN" to accomplish 
the same thing?

Lastly, is there any particular reason why this might *not* be a good 
idea? If I'm way off with this, I'd definitely like to know.

thanks in advance,
dave