iptables - lo interface problem
yxiao2004 at gmail.com
Mon Aug 23 16:03:10 UTC 2004
On Mon, 23 Aug 2004 11:27:09 -0400, Rodolfo Alcázar
<rodolfo.alcazar at padep.org.bo> wrote:
> Hi, this is my first post. Greetings all of you!
> I have a 3-card (internet, LAN, DMZ) firewall installed. I have configured
> this rule for users who want to visit my web site:
> iptables -t nat -A PREROUTING -d 184.108.40.206 -p tcp -m tcp --dport 80 -j
> DNAT --to-destination 192.168.1.2:80
> (explained: If an internet user requests http service from 220.127.116.11,
> the request is redirected to 192.168.1.2 on my DMZ)
> but when I type "$ lynx www.mysite.org" from my very firewall, I got
> "Alert!: Unable to connect to remote host.". Obvious. The www.mysite.org DNS
> entry is related with my own firewall, 18.104.22.168, which has no web
> server, the request is redirected to 127.0.0.1. Damn! I tried a lot of
> rules, but I can't find the right one.
> I explained the problem in a simple way, but the real one is when I run
> squid or a ppp-dialup server.
> Which is the right iptables rule? (writing lynx 192.168.1.2 does work, but is
> NOT the solution!)
Have you tried from an external connection? Don't test NAT rules on
the firewall itself!!!
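
Added example, not part of the original thread: the DNAT rule in the quoted message sits in the nat PREROUTING chain, which only packets arriving on a network interface traverse; connections opened by a process on the firewall itself (lynx, squid) pass through the nat OUTPUT chain instead. The script prints the same rule for both chains. 203.0.113.10 is a constructed placeholder for the firewall's public address, and the function names and the APPLY switch are assumptions of this example.

```shell
#!/bin/sh
# Constructed value: 203.0.113.10 (documentation range) stands in for the
# firewall's public address. 192.168.1.2:80 is the DMZ web server from the post.
PUBLIC_IP="${PUBLIC_IP:-203.0.113.10}"
DMZ_WEB="${DMZ_WEB:-192.168.1.2:80}"

# Pick the nat chain that a new connection traverses first.
#   forwarded = packet arrived on an interface (an internet user)
#   local     = packet created by a process on the firewall (lynx, squid)
nat_chain_for() {
    case "$1" in
        forwarded) echo PREROUTING ;;
        local)     echo OUTPUT ;;
        *)         echo "unknown origin: $1" >&2; return 1 ;;
    esac
}

# Build the DNAT rule from the post for the given nat chain.
dnat_rule() {
    echo "iptables -t nat -A $1 -d $PUBLIC_IP -p tcp -m tcp --dport 80 -j DNAT --to-destination $DMZ_WEB"
}

# Print one rule per traffic origin; with APPLY=1 (run as root) execute them.
emit_rules() {
    for origin in forwarded local; do
        rule=$(dnat_rule "$(nat_chain_for "$origin")")
        if [ "${APPLY:-0}" = "1" ]; then
            $rule
        else
            echo "$rule"
        fi
    done
}

emit_rules
```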