Checked FW_SERVICE_INT_TCP="80" (you can see web server on FIREWALL inside LAN) -----Mensaje original----- De: Argentium G. Tiger [mailto:agtiger@kc.rr.com] Enviado el: Jueves, 07 de Marzo de 2002 10:13 p.m. Para: suse-security@suse.com Asunto: [suse-security] SuSEfirewall2 and viewing your own internal web site. I'm using SuSEfirewall2 doing network address translation. I have defined: FW_FORWARD_MASQ="0/0,192.168.2.12,tcp,80,80" This allows external machines to hit a test web server I have running. Now if I define a link on a web based page or forum that points back at my firewall's external address like this (assuming 1.2.3.4 is my firewall's external address): http://1.2.3.4/foo.jpg From any other machine in the world outside my firewall, I can click that link and see foo.jpg. But from inside my firewall from another machine, no go. I can't use the external address. I have to change the reference to http://192.168.2.12/foo.jpg (ie, the internal address). I'd like to know what I have to tweak in /etc/rc.config.d/firewall2.rc.config in order to allow other internal machines to use the external address to be masq-forwarded back in to the 192.168.2.12 machine? Maybe it's not possible... But I'm hoping it is. Sincerely, Argentium -- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here