On 2006-11-01 01:03, Jigish Gohil wrote:
I am trying to forward all the port 80 requests from internet to my router to a web server on internal network.
Internet ----> SUSE router ----> Webserver on intranet.
I have followed this guide: http://www.novell.com/coolsolutions/feature/16709.html
Relevant section in /etc/sysconfig/SuSEfirewall2 are :
FW_DEV_EXT="any eth-id-00:15:f2:52:f8:8a"
Though not relevant to your current problem, I've always felt that "any" in this setting is potentially confusing; you have a fixed external link, so don't need to (shouldn't?) use it.
FW_DEV_INT="eth-id-00:08:a1:65:d7:c6" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="0/0" FW_PROTECT_FROM_INT="no" FW_SERVICES_EXT_TCP="9000 http" FW_FORWARD="" FW_FORWARD_MASQ="0/0,192.168.0.249,tcp,80,80,0/0" The way I read this, the last field is not a net/mask, rather a single IP, despite what the CoolSolutions webpage says. AFAIK, the field isn't even necessary. Since you are not doing any port redirection, the second "80" is not needed. Thus:
FW_FORWARD_MASQ="0/0,192.168.0.249,tcp,80"