[ previous ] [ next ] [ threads ]
 
 From:  Melvin Backus <mbackus at bellsouth dot net>
 To:  Joey Morin <joeymorin at alumni dot uwaterloo dot ca>, Adam Nellemann <adam at nellemann dot nu>
 Cc:  Joey Morin <joeymorin at alumni dot uwaterloo dot ca>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] NATed services by the public IP
 Date:  Thu, 24 Jun 2004 18:02:05 -0400 
At 03:18 PM 6/24/2004, Joey Morin wrote:

>This one time, at band camp, Adam Nellemann said:
>
> > Joey Morin wrote:
> >
> > > from http://m0n0.ch/wall/docbook/faq-lannat.html
> > >
> > >     "Why isn't it possible to access NATed services by the public IP
> > >     address from LAN?"
> > >
> > > this is perhaps only a minor annoyance, but when i moved to m0n0wall i
> > > lost this ability.  behind my inexq this was no problem.  can anyone
> > > explain why this is not possible to implement?  is it a limitation, or
> > > by design?
> >
> > While probably not quite what you are after, you could use DNS overrides
> > to map some (actual or imaginary) domain names to the corrosponding
> > internal IPs, and thus be able to access any NAT'ed services from the
> > LAN in much the same way you would from the WAN.
>
>my WAN link is pppoe, and the ip changes frequently.  currently i use an
>smtp client on an internal box to periodically send an empty message to an
>external shell account, where a running perl script extracts the ip from
>the mail headers and dynamically builds an index.html containing a
>redirect to the current WAN IP, and plunks it in the public_html tree on
>that shell account.  this let's me give out a named URL to folks who i
>want to grant access to my web server.  this url never changes, but since
>the index.html is rebuilt whenever the WAN IP changes, the web server is
>always reachable (longest down time is determined by the smtp client send
>interval plus the perl script polling interval.  usually no more than 5
>minutes).
>
>yes, this is ugly, but i don't have money right now for dyn dns!  that's
>also why i'm using a pc cobbled together from curb-side garbage day finds,
>and running a free firewall on it :)

Unless you're generating an enormous amount of traffic, zoneedit.com is 
free for up to five domains.  For that matter so is dyndns.org if you use 
one of their domains (40+ choices if I remember correctly), which unless 
you already have your own domain shouldn't be a big issue.



----------------------------------------
Good, Fast, Cheap... Pick any two
----------------------------------------