On Sunday 19 April 2009 17:36:59 LLLActive@GMX.Net wrote:
Actually, my problem is as follows:
I have DynDNS to a SuSEfirewall2 running Apache2. I have a webpage on it. I now want to put a link in this webpage to a machine with a private IP in the DMZ, that should open up in a browser.
OK, I think I see your problem. You can't use the internal IP address in the DMZ from an external machine. What FW_FORWARD_MASQ does is transparently forward requests to internal machines that arrive on the firewall. So with the rule 0/0,192.168.176.10,tcp,80 if you access port 80 on the firewall machine, it will send it on to 192.168.176.10 as it if was handling it itself. If you have two web servers, one directly on the firewall and the other in the DMZ, then the only way to do this is to use a different port. Say a rule like 0/0,192.168.176.10,tcp,81,80 This will forward requests made to the firewall IP on port 81 to the machine in the DMZ on port 80. Any links you have then will have to be to the firewall machine's port 81 Anders -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org