Hi Dave,

On Mon, 2004-02-16 at 12:11, dave wrote:
> Now my question:
> 
> We all know about the DNS overrides that need to be in place in order 
> for LAN hosts to be able to access DMZ hosts by hostname. On OpenBSD, I 
> overcame this problem with RDR NAT rules which said basically:
> 
> rdr xl0 <public ip address> port 80 -> 192.168.95.5 port 80 tcp
> 
> Where xl0 is my LAN interface and the public ip address is whatever 
> dmz.host.com resolves to. This worked beautifully.
> 
> How would I go about adding a similar rule using exec.php?? Is it 
> possible?

Using the features available in the webGUI, go to the "DNS Forwarder"
page, and down the bottom you'll see the "overrides" section.

Add an entry such as:
Host	Domain		IP		Description
Virgil	example.com	10.0.0.5	Virgil (in the DMZ)

> Also, is there a chance we might someday see a checkmark in the webgui 
> along the lines of "Add Server/1:1 NAT RDR rules from LAN" to accomplish 
> the same thing?

The functionality you need - DNS overrides for DMZ machines - is already
in the webGUI.

> Lastly, is there any particular reason why this might *not* be a good 
> idea? If I'm way off with this, I'd definitely like to know.

It is a good idea.  It is also implemented already.  :)

-- 

Regards,

Hilton Travis                   Phone: +61-(0)7-3343-3889
Manager, Quark AudioVisual      Phone: +61-(0)419-792-394
         Quark Computers         http://www.QuarkAV.com/
(Brisbane, Australia)            http://www.QuarkAV.net/

Open Source Projects:		http://www.ares-desktop.org/
				http://www.mamboband.org/

Non Linear Video Editing Solutions & Digital Audio Workstations
 Network Administration, SmoothWall Firewalls, NOD32 AntiVirus
  Conference and Seminar AudioVisual Production and Recording

War doesn't determine who is right. War determines who is left.