From: Sheldon Hearn
To: freebsd-questions@FreeBSD.org
Subject: Internal hosts communicating with external addresses through firewall
Date: Wed, 06 Mar 2002 16:59:33 +0200
Message-ID: <82413.1015426773@axl.seasidesoftware.co.za>

Hi folks,

I've been using IPFW with one of ipnat and natd for a while, but have never managed to figure out what it takes to allow internal hosts (with private addresses NAT'd to public addresses with a 1:1 mapping) to communicate with each other using their public addresses?

For example, take these two hosts:

             Public address (hostname)     Private address
Web server:  w.x.y.z (www.example.com)     10.0.0.100
Dev server:  s.t.u.v (dev.example.com)     10.0.0.101

I'd like to run an HTML link checking program on 10.0.0.101 and point it at www.example.com. I can't just point it at 10.0.0.100, because the link checking will break horribly.

At the moment, I have to use an /etc/hosts entry on the dev server.

Can this be done? If so, is there more to it than just firewall rules?

The obvious idea of just using IPFW log on my deny rule to see where things are going wrong doesn't seem feasible, because this would generate a HUGE amount of logging information, even for a few minutes.

Ciao,
Sheldon.