[Firehol-support] Problem with two interface firewall with web servers behind NAT

Kenny Colliander Nordin kecon81 at gmail.com
Tue Mar 22 06:40:44 GMT 2016


I'm trying to get my firewall to port forward HTTP/HTTPS traffic to my
web server on private address space. I can't get any traffic through from
the Internet to the web server.

Tried to follow all the examples for a couple of hours now, but I'm not
able to see the problem.


eth0 = Internet
eth1 = LAN with network = Web server

I want all incoming eth0 traffic on ports 80 and 443 to be forwarded to the
web server at with the correlating port numbers.

I use the following setup on Ubuntu 14.04

# ----
version 5

dnat to inface eth0 proto tcp dport 80
dnat to inface eth0 proto tcp dport 443

interface eth1 lan src ""
    policy accept

interface eth0 internet
    server http accept
    server https accept
    client all accept

router internet2web inface eth0
    server http accept dst
    server https accept dst
    client all accept
    route all accept

router lan2internet inface eth1 outface eth0
    client all accept
    route all accept

# ----

Help appreciated,
