>I much prefer this solution because I host 4 domains on the server in my
>dmz, and within each domain I
>have several subdomains (i.e. pics.rodrig.com, dave.rodrig.com, etc.).
>Using the overrides means I have
>to enter each of these manually, but with only the one RDR rule all of
>these are taken care of, since
>they all resolve to the same address.
>I realize this would be of limited use to most people, since the overrides
>already address this as it
>would apply in most situations.
Just to add my two cents, I would find this extremely useful. I have 14
different domains hosted on my home server (most light duty), with several
CNAMEs per domain that all resolve down to one server. I have over a dozen
overrides of the DNS forwarder, and they only cover the most common aliases
for my servers. This is by far the #1 reason I *hate* 1:1 NAT for servers,
and quite a pain in the butt to input.
Not being able to reach DMZ systems as though they were on the Internet is,
IMHO, the #1 limitation of m0n0wall today. (It's still an awesome piece of
software, of course!) Would love to see an easy way around the current
Michael A. Alderete <mailto:lists dash 2003 at alderete dot com>