Hello, I am running a web server on my internal network. Clients outside
the web can view it but inside the network, they get page cannot be
displayed. I have tried shorewall faq 2 but it still doesn''t work.
interfaces
#ZONE INTERFACE BROADCAST OPTIONS
net ppp0 detect dhcp,routefilter,norfc1918,routeback
masq eth1 detect routeback
masq
#INTERFACE SUBNET ADDRESS
ppp0 eth1
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
rules
DNAT net masq:192.168.0.6:80 tcp 5903
DNAT masq:192.168.0.0/24 masq:192.168.0.6:80 tcp 5903 -
209.5.63.205:192.168.0.1
output from shorewall show nat
Shorewall-2.0.0b NAT at host.bluestonefinancial.com - Tue May 11 10:57:43
EDT 2004
Counters reset Tue May 11 09:54:09 EDT 2004
Chain PREROUTING (policy ACCEPT 102K packets, 4275K bytes)
pkts bytes target prot opt in out source destination
73 3585 net_dnat all -- ppp0 * 0.0.0.0/0 0.0.0.0/0
54 9296 masq_dnat all -- eth1 * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 1290 packets, 83016 bytes)
pkts bytes target prot opt in out source destination
2 96 masq_snat all -- * eth1 0.0.0.0/0 0.0.0.0/0
9 585 ppp0_masq all -- * ppp0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 1113 packets, 73755 bytes)
pkts bytes target prot opt in out source destination
Chain masq_dnat (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 192.168.0.0/24 209.5.63.205 tcp dpt:5903
to:192.168.0.6:80
Chain masq_snat (1 references)
pkts bytes target prot opt in out source destination
0 0 SNAT tcp -- * * 192.168.0.0/24 192.168.0.6 tcp dpt:80 to:192.168.0.1
Chain net_dnat (1 references)
pkts bytes target prot opt in out source destination
2 96 DNAT tcp -- * * 0.0.0.0/0 209.5.63.205 tcp dpt:5903 to:192.168.0.6:80
Chain ppp0_masq (1 references)
pkts bytes target prot opt in out source destination
6 399 MASQUERADE all -- * * 192.168.0.0/24 0.0.0.0/0