SV: SV: Port forwarding
Jari.Marikainen at vlt.se
Jari.Marikainen at vlt.se
Mon Jan 24 09:43:38 UTC 2005
Hi,
I agree on your resoning below. I also ran into another problem. Will your earlier suggestion work with SSL? This could look somewhat suspicious from the client side I imagine.
Your suggestion was:
iptables -t nat -A PREROUTING -p tcp --dport 80 -d 195.198.111.x \
-j DNAT --to-destination 65.114.4.69
iptables -t nat -A POSTROUTING -p tcp --dport 80 -d 65.114.4.69 \
-j SNAT --to-source <your external IP address on this machine>
PS. In this case, 65.114.4.69, is www.dilbert.com which ofcourse is not the actual case but pure fiction and has no relevance in my actual problem.
-----Ursprungligt meddelande-----
Från: Andy [mailto:ag1234 at carmen.se]
Skickat: den 21 januari 2005 12:36
Till: fedora-list at redhat.com
Ämne: Re: SV: Port forwarding
Jari Marikainen wrote:
> I really want the traffic from the target (65.114.4.69) server to > reply directly to the client. We don't need/want any traffic back. Is > your suggestion still valid, or do I need to do modifications to the > lines below?
Unfortunately what you say cannot be done, with linux or anything else.
Why would a client accept return traffic from 65.114.4.69 when they are talking to 195.198.111.x?
Maybe you need a completely different solution, like running a web-server on 195.198.111.x which gives a "301 Moved permanently" or
"302 Moved temporarily" answer with an alternative url of
http://65.114.4.69
Hope that helps,
/Andy
--
fedora-list mailing list
fedora-list at redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
More information about the users
mailing list