Subject: Re: Reach outside address+port of a NAT with port forwarding. Possible?
To: Manuel Bouyer <bouyer@antioche.eu.org>
From: Johan Ihren <johani@autonomica.se>
List: current-users
Date: 05/02/2002 23:14:10
Manuel Bouyer <bouyer@antioche.eu.org> writes:
Manuel,
>> So, if it isn't possible to do this I'll have to cope, but it would
>> be nice if this was possible. Is it?
>
> No it won't, unless your web server and client are on 2 different IP
> networks (in which case just add another rdr line for the interface
> where the client lives).
> If both server and client are on the same subnet this won't work because
> in a rdr the source address isn't changed. So the server will send the
> reply directly (as it's on the same subnet) and as it doesn't go though
> the NAT the reply won't have its header properly updated (the client
> will receive a TCP packet from a IP it didn't open a connection with).
Fair enough. Thanks for the explanation.
Johan