[Firehol-support] Reaching public ip of firewall/gateway from lan
Costa Tsaousis
costa at tsaousis.gr
Tue Nov 6 22:26:56 GMT 2007
Mirko Buffoni wrote:
> Hi all,
>
> I have set up a linux box doing firewall/gateway plus giving some service.
> I have 2 NICs, eth0 is used for public networks, eth1 is used for private lan.
>
> I can route internal PCs through the linux box to internet.
> I can reach linux box services from internet.
> The 2 networks are physically separated.
> I can reach linux box services from lan through firewall LAN IP.
> I cannot reach linux box services from lan through firewall WAN IP.
>
You have to dnat all traffic towards your public IP to your lan IP. Try
this:
dnat to "${LAN_IP}" inface "${LAN_IF}" src "${LAN_NET}" dst "${WAN_IP}"
All services listening on WAN_IF/IP have to be listening on LAN_IF/IP too.
The interface you added is not needed.
Costa