-----BEGIN PGP SIGNED MESSAGE----- Hi René!
The request should pass through the firewall and be redirected straight to the webserver 10.3.1.34 .(port 80)
FW_FORWARD="0/0,x.y.z.a,tcp,80 x.y.z.a,10.3.1.34,tcp,80 0/0,10.3.1.34/255.255.255.255,tcp,80"
FW_FORWARD is for forwarding to public IP address in the DMZ/internal
net only. What you probably want (since you are masquerading the
10.3.0.0/16 net) is
FW_FORWARD_MASQ="0/0,10.3.1.34,tcp,5678,80"
This will reverse masquerade incoming requests to port 5678 on your
public IP and forward them to port 80 on your web server.
Regards, Andy
- --
Andreas J. Mueller email: