[Firehol-support] Problem with two interface firewall with web servers behind NAT
Kenny Colliander Nordin
kecon81 at gmail.com
Tue Mar 22 06:40:44 GMT 2016
Hi,

I'm trying to get my firewall to port forward HTTP/HTTPS traffic to my
webserver on private address space. I can't get any traffic through from
the Internet to the webserver.

Tried to follow all the examples for a couple of hours now, but I'm not
able to see the problem.

Setup:
eth0 = Internet
eth1 = LAN with 192.168.127.0/24 network
192.168.127.20 = Web server

I want all incoming eth0 traffic on ports 80 and 443 to be forwarded to the
web server at 192.168.127.20 with the corresponding port numbers.

I use the following setup on Ubuntu 14.04:
# ----
version 5

dnat to 192.168.127.20 inface eth0 proto tcp dport 80
dnat to 192.168.127.20 inface eth0 proto tcp dport 443

interface eth1 lan src "192.168.127.0/24"
    policy accept

interface eth0 internet
    server http accept
    server https accept
    client all accept

router internet2web inface eth0
    server http accept dst 192.168.127.20
    server https accept dst 192.168.127.20
    client all accept
    route all accept

router lan2internet inface eth1 outface eth0
    masquerade
    client all accept
    route all accept
# ----
Help appreciated,
Kenny