Date: Fri, 24 Nov 2006 02:16:25 -0300
From: "Nilton Volpato"
To: freebsd-questions@freebsd.org, ipfw@freebsd.org
Subject: Re: port redirection with natd and ipfw
Message-ID: <27fef5640611232116o6e26cbcbx230d13981270bb89@mail.gmail.com>

[Fratiman Vladut]
> This is because you try to access an IP that has the same IP as your
> gateway, but from the internal LAN, so packets are sent to the gateway but
> cannot be redirected back to the HTTP server according to the redirect
> rules.
> To resolve this situation, configure a simple DNS server on your
> gateway, and make a zone with your domain pointed to the internal IP.
> Then configure the client computers to ask your DNS server. This is
> easily done via DHCP.
> Your DNS server needs to be configured to forward requests for unknown
> domains to the authoritative public DNS servers.
> --
> Best regards,
> Fratiman

[Russell Wood]
> I had a similar setup once and used Split DNS with BIND. So, if you
> requested example.com on 192.168.0.0/24 then you'd get the internal IP,
> otherwise you got the external IP.
>
> Regards,
> Russell Wood

Thanks guys,

But split DNS does not work in my case, because I have different
services on different machines, and the DNS will map one name (and all
ports associated with it) to one machine.

Is there any solution that will work without using split DNS?

Thanks,

-- Nilton
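
The split-DNS arrangement described in the two quoted replies, sketched as a BIND named.conf fragment; this is an added example, not a configuration posted by anyone in the thread. The zone file names, the internal 192.168.0.10 address and the 192.0.2.53 forwarder are placeholders; example.com and 192.168.0.0/24 come from the quoted reply. Each view answers a name with one address regardless of port, which is the limitation raised in the reply above.

```conf
// named.conf fragment for the gateway (added example; file names and
// addresses other than 192.168.0.0/24 are placeholders).

// LAN clients: answer example.com with the internal address and
// forward every other query upstream.
view "internal" {
    match-clients { 192.168.0.0/24; };
    recursion yes;
    forwarders { 192.0.2.53; };      // placeholder upstream resolver

    zone "example.com" {
        type master;
        // Placeholder zone file, containing for instance:
        //   www  IN  A  192.168.0.10   ; internal address (constructed)
        file "example.com.internal";
    };
};

// Everyone else: answer example.com with the public address and
// refuse recursion so the gateway is not an open resolver.
view "external" {
    match-clients { any; };
    recursion no;

    zone "example.com" {
        type master;
        // Placeholder zone file holding the public (gateway) address.
        file "example.com.external";
    };
};
```

Views are matched in order, so the internal view must come first; once any view is defined, every zone has to live inside a view.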