liste at mattiamartinello.com
Thu Nov 18 11:56:34 CET 2004
I'm using a netfilter gateway between my LAN and the server on the DMZ.
This gateway makes a DNAT from 192.168.1.* to the external IP of the
server on the DMZ.
Then, if I call http://[my external IP], the gateway makes a DNAT to
http://192.168.20.x (the internal DMZ IP of the server), through the
The problem is that when I call Apache on the server, Apache thinks that
I am 192.168.20.254, not 192.168.1.x.
So, in the access logs the connection is made from the DMZ interface of
the gateway and not from the real IP address of the client.
This make me some real problems about client autentication.
How I can I get my gateway transparent and solve this problem to let
Apache to write the correct IP address of the client in the logs?
Thank you very much
More information about the netfilter