[Firehol-support] firehol and snat
Costa Tsaousis
costa at tsaousis.gr
Tue Oct 9 13:50:15 BST 2007
O/H rich at thevillas.eclipse.co.uk έγραψε:
>
>
> snat to "${HOME_MYIP}" \
> outface "${HOME_MYIF}" \
> src "${HOME_LAN}" dst "${WEBSERVER}"
>
>
>
> dnat to ${WEBSERVER}:80 \
> inface "${HOME_MYIF}" \
> src "${HOME_LAN}" \
> dst "${PUBLIC_MYIP}" proto tcp dport 80
>
>
> router lan2lan inface "${HOME_MYIF}" outface "${HOME_MYIF}" \
> src "${HOME_LAN}" dst "${HOME_LAN}"
> server http accept
> server https accept
>
For https you also need to dnat port 443. You this dnat instead of the
previous:
dnat to ${WEBSERVER} \
inface "${HOME_MYIF}" \
src "${HOME_LAN}" \
dst "${PUBLIC_MYIP}" proto tcp dport "80 443"
Note that I have removed the port from ${WEBSERVER}.
Costa
More information about the Firehol-support
mailing list