[geeks] Apache problem...

[Matty]

Hi Mike,

I use:

# Redirect HTTP traffic
rdr tun0 0.0.0.0/32 port 80 -> 192.168.1.5 port 1234

to redirect traffic to my internal website. What does
ipf.rules look like? Are you keeping state on the 
connection inbound? Any drops in the firewall logs? What
OS are you using with IPF?

- Ryan

On Mon, 2002-12-02 at 21:27, Mike Hebel wrote:
> Does anybody have any experience running Apache 1.3 behind a NAT connection?
> 
> Here's the issue:
> 
> A friend of mine and I are trying to run a web server on his DSL behind 
> a nat and a SpeedStream router.
> 
> Basically it goes from the outside IP ->
> gets passed through the SpeedStream router on port 80 ->
> to the firewall which does an rdr ->
> to the internal NAT number on port 80 of the web server.
> 
> The server will serve a basic page of text but anything more complex 
> like say - a table, pictures, etc. - will not even come up.  Basically 
> the browser sits there and times out.
> 
> We moved it outside the firewall and configured it like the other one we 
> have in the DMZ and it works fine but we'd like to run it behind the 
> firewall rather than having to maintain three separate firewalls.
> 
> Has anybody dealt with this?  It's almost like it doesn't like the 
> double-bounce but all the docs I can dig up say that I've got the 
> SpeedStream 5800 and the IPF setup correctly.
> 
> I'm now confused and looking for help...before I take a LART to this 
> thing...
> 
> Mike Hebel
> 
> (Oops!  Forgot the other specs.  The server is running Mandrake 9 on x86 
> - the pages made with Netscape Composer.)
> _______________________________________________
> GEEKS:  http://www.sunhelp.org/mailman/listinfo/geeks
-- 
Ryan Matteson - UNIX Administrator
GPG ID: 1B52A210 2002-12-01 Ryan Matteson (Primary Key Pair)
<matty91 at bellsouth.net>
Public Key: http://www.daemons.net/~matty/public.asc
Detached Digital Signature: http://www.daemons.net/~matty/public.sig.asc
Fingerprint = A0B1 298E 29C4 3F26 01D5  EDFC 3D62 281F 1B52 A210