Re: LAN Port forwarding with a dynamic IP address

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Grant Taylor <gtaylor@riverviewtech.net>
To: Zac Hansen <xaxxon@gmail.com>
Cc: netfilter@lists.netfilter.org
Subject: Re: LAN Port forwarding with a dynamic IP address
Date: Sun, 23 Oct 2005 00:19:18 -0500	[thread overview]
Message-ID: <435B1D56.5060704@riverviewtech.net> (raw)
In-Reply-To: <7f6703390510210400n3ea01619p3e46ee81bd7badc3@mail.gmail.com>

Zac Hansen wrote:
> I have a single, dynamic IP address. I have multiple boxes behind a linux
> router, one of which runs a web server on port 80. I have set up rules (a
> PREROUTING and a FORWARD rule) to let people outside my LAN deal see my web
> server. The problem is that the boxes on my LAN can't see them.
> 
> I really don't want to hardcode my external IP address into any rules and I
> don't want to do any DNS work to make the LAN boxes look up the actual
> server's LAN IP address directly.
> 
> Can I get my LAN boxes to see my web site and not do the things I don't want
> to do?

You might be able to use one of the Layer 7 filters to match the traffic that is actually destined for your server via the HTTP get line but I think this would be after the connection is made.

The other option that comes to mind would be to set up some sort of proxy (Squid in reverse proxy mode) server that your clients or the world would issue the request to and have it handle the routing of sending the request to the box that is really servicing the request.

Grant. . . .

next prev parent reply	other threads:[~2005-10-23  5:19 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-10-21 11:00 LAN Port forwarding with a dynamic IP address Zac Hansen
2005-10-23  5:19 ` Grant Taylor [this message]
  -- strict thread matches above, loose matches on Subject: below --
2005-10-21 12:40 Derick Anderson
2005-10-22  9:02 ` George Alexandru Dragoi

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=435B1D56.5060704@riverviewtech.net \
    --to=gtaylor@riverviewtech.net \
    --cc=netfilter@lists.netfilter.org \
    --cc=xaxxon@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.