11 May
2004
11 May
'04
18:15
On Tuesday 11 May 2004 19:10, Manuel Balderrábano wrote:
Sure! But by that option all connections will appear as comming from the firewall.
I may have totally misunderstood what you're trying to achieve. I thought you were trying to route incoming traffic to your firewall to port 80 on a machine in your DMZ and that this machine had a private (non-routable) IP. With the FW_FORWARD_MASK the source address of incoming traffic to your webserver won't be rewritten, only the destination address is. Outgoing traffic will have the source address rewritten to the IP of your firewall, but wasn't that is the whole idea about PAT? Best regards, Arjen