Is this right?
Ricardo Pardini
ricardophplist@construnet.com.br
Mon, 13 Aug 2001 16:55:30 -0300
Iīm doing port forwarding on my router like this:
iptables -t nat -A PREROUTING -p tcp -d $REAL_IP --dport 80 -j
DNAT --to 192.168.1.35:80
So I forward all web traffic to an internal server. I want to let my
internal users (192.168.1.0/24) also use $REAL_IP to access the web
server, so I do:
iptables -t nat -A POSTROUTING -p tcp -d 192.168.1.35 -s
192.168.1.0/24 --dport 80 -j SNAT --to 192.168.1.234
Which is quite obvious. Problem is: web hits from internal users seem
to come from the router (192.168.1.234) not from the internal client
(e.g. 192.168.1.42).
Any ideas on this? I wish I could make it work without having to
"mascarade" the internal userīs IP address.
Thanks
--
Ricardo Pardini
ricardo@construnet.com.br