On Mon, 2004-02-16 at 12:11, dave wrote:
> Now my question:
> We all know about the DNS overrides that need to be in place in order
> for LAN hosts to be able to access DMZ hosts by hostname. On OpenBSD, I
> overcame this problem with RDR NAT rules which said basically:
> rdr xl0 <public ip address> port 80 -> 192.168.95.5 port 80 tcp
> Where xl0 is my LAN interface and the public ip address is whatever
> dmz.host.com resolves to. This worked beautifully.
> How would I go about adding a similar rule using exec.php?? Is it
Using the features available in the webGUI, go to the "DNS Forwarder"
page, and down the bottom you'll see the "overrides" section.
Add an entry such as:
Host Domain IP Description
Virgil example.com 10.0.0.5 Virgil (in the DMZ)
> Also, is there a chance we might someday see a checkmark in the webgui
> along the lines of "Add Server/1:1 NAT RDR rules from LAN" to accomplish
> the same thing?
The functionality you need - DNS overrides for DMZ machines - is already
in the webGUI.
> Lastly, is there any particular reason why this might *not* be a good
> idea? If I'm way off with this, I'd definitely like to know.
It is a good idea. It is also implemented already. :)
Hilton Travis Phone: +61-(0)7-3343-3889
Manager, Quark AudioVisual Phone: +61-(0)419-792-394
Quark Computers http://www.QuarkAV.com/
(Brisbane, Australia) http://www.QuarkAV.net/
Open Source Projects: http://www.ares-desktop.org/
Non Linear Video Editing Solutions & Digital Audio Workstations
Network Administration, SmoothWall Firewalls, NOD32 AntiVirus
Conference and Seminar AudioVisual Production and Recording
War doesn't determine who is right. War determines who is left.