>I much prefer this solution because I host 4 domains on the server in my
>dmz, and within each domain I
>have several subdomains (i.e. pics.rodrig.com, dave.rodrig.com, etc.).
>Using the overrides means I have
>to enter each of these manually, but with only the one RDR rule all of
>these are taken care of, since
>they all resolve to the same address.
>
>I realize this would be of limited use to most people, since the overrides
>already address this as it
>would apply in most situations.

Just to add my two cents, I would find this extremely useful. I have 14
different domains hosted on my home server (most light duty), with several
CNAMEs per domain that all resolve down to one server. I have over a dozen
overrides of the DNS forwarder, and they only cover the most common aliases
for my servers. This is by far the #1 reason I *hate* 1:1 NAT for servers,
and quite a pain in the butt to input.

Not being able to reach DMZ systems as though they were on the Internet is,
IMHO, the #1 limitation of m0n0wall today. (It's still an awesome piece of
software, of course!) Would love to see an easy way around the current
limitations.

Michael
-- 

_____________________________________________________________
Michael A. Alderete           <mailto:lists dash 2003 at alderete dot com>
                                     <http://www.alderete.com>