From owner-freebsd-questions Thu Oct 19 18:18:45 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mail.ipfw.org (cr308584-a.wlfdle1.on.wave.home.com [24.114.52.208]) by hub.freebsd.org (Postfix) with ESMTP id 6661237B4CF for ; Thu, 19 Oct 2000 18:18:42 -0700 (PDT) Received: from apollo (apollo.objtech.com [192.168.111.5]) by mail.ipfw.org (Postfix) with ESMTP id 837E13183; Thu, 19 Oct 2000 21:18:34 -0400 (EDT) Date: Thu, 19 Oct 2000 21:18:34 -0400 From: Peter Chiu X-Mailer: The Bat! (v1.46d) Personal Reply-To: Peter Chiu X-Priority: 3 (Normal) Message-ID: <87233942251.20001019211834@yahoo.com> To: Jeremy Vandenhouten Cc: freebsd-questions@freebsd.org Subject: Re: DNS and Apache behind Firewall/gateway Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG amazon:peter$ cat /etc/natd.conf same_ports unregistered_only # forward ssh to mononoke redirect_port tcp 192.168.0.6:22 xxx.xxx.120.110:22 # forward DNS to mononoke redirect_port tcp 192.168.0.6:53 xxx.xxx.120.110:53 redirect_port udp 192.168.0.6:53 xxx.xxx.120.110:53 # forward HTTP to mononoke redirect_port tcp 192.168.0.6:80 xxx.xxx.120.109:80 # forward HTTPS to mononoke redirect_port tcp 192.168.0.6:443 xxx.xxx.120.109:443 If you look from outside, DNS is on xxx.xxx.120.110 and web is on xxx.xxx.120.109. At the gateway, I forward them to the same internal box. > I know that to allow a webserver to host behind a gateway/firewall it > is necessary to add redirects in natd.conf, but what exactly needs to > be done (could someone post a generic example or put up a link to an > example). Also in order to register a domain it is necessary to have 2 > DNS servers. Is it possible to set up one behind the firewall on an > internal IP address and route it through as well? Obviously the second > cannot be done the same way because the dns servers would have to be at > different "internet" IP addresses, don't they? check out http://www.centralinfo.net -- Peter \\|// (o o) +-------------------------oOOo-(_)-oOOo-----------------------------+ EMail : mailto:pccb(at)yahoo(dot)com PGP Key : http://www.pchiu.com/pgpkey.txt PGP Fingerprint: 949E 0F39 422D 53EA F463 8C06 9E07 5078 838B 4D20 +-------------------------------------------------------------------+ Plate voltage too low on demodulator tube To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message