Anders Johansson wrote:
On Sunday 19 April 2009 17:36:59 LLLActive@GMX.Net wrote:
Actually, my problem is as follows:
I have DynDNS to a SuSEfirewall2 running Apache2. I have a webpage on it. I now want to put a link in this webpage to a machine with a private IP in the DMZ, that should open up in a browser.
OK, I think I see your problem.
You can't use the internal IP address in the DMZ from an external machine. What FW_FORWARD_MASQ does is transparently forward requests to internal machines that arrive on the firewall. So with the rule
0/0,192.168.176.10,tcp,80
if you access port 80 on the firewall machine, it will send it on to 192.168.176.10 as it if was handling it itself.
If you have two web servers, one directly on the firewall and the other in the DMZ, then the only way to do this is to use a different port. Say a rule like
0/0,192.168.176.10,tcp,81,80
This will forward requests made to the firewall IP on port 81 to the machine in the DMZ on port 80. Any links you have then will have to be to the firewall machine's port 81
Anders
OK, looks what I need. I take it I can direct the requests to the DynDNS firewall port 80 to the webserver in the DMZ on port 81 with 0/0,192.168.176.10,tcp,80,81 This can also be done with the webserver in the DMZ wanting the data (through its own gateway) over the internal network firewall (asking at port 1927) to be directed to the private IP 192.168.0.10 on port 1972? :-? Al -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org