Subject: Re: inside-in redirects
To: Aaron J. Grier <agrier@poofygoof.com>
From: None <collver1@comcast.net>
List: netbsd-users
Date: 06/30/2003 13:55:24

On Mon, Jun 30, 2003 at 01:45:09PM -0700, Aaron J. Grier wrote:
> this is somewhat related to Caloro's setup.  I have a NetBSD box
> providing NAT duties for my internal hosts, it looks like this:
> 
> (10.0.0.0/8) <--> (10.0.0.1 on le0) NAT (publicIP on le1) <--> internet
> 
> NAT is working fine, and port redirections are working from the internet
> to my internal machines.  I'd like to hit the next step: inside-in port
> redirects, i.e. connections to publicIP:80 need to be forwarded back into
> the internal network.  I'd like to do this to avoid split DNS for my
> public name.  right now hosts on the private network need to use private
> names to access local services.  Ideally they should be able to use
> either.
> 
> the standard outside-in redirect isn't applicable in this case:
> map le1 10.0.0.0/16 -> 209.162.215.114/32 portmap tcp/udp 1025:65000
> map le1 10.0.0.0/16 -> 209.162.215.114/32
> 
> rdr le1 0/0 port 80 -> 10.0.0.6 port 80 tcp
> 
> I've tried adding the following, but it doesn't seem to work:
> 
> rdr le0 10.0.0.0/8 port 80 -> 10.0.0.6 port 80 tcp

How about trying the following?

rdr le0 publicIP/32 port 80 -> 10.0.0.6 port 80 tcp

Best Regards,

Ben
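
An added example, not part of the original messages: a small Python model of how the rdr rules quoted in this thread match a packet (on arrival interface, protocol and destination address/port), applied to an inside client connecting to publicIP:80. The address 192.0.2.1 standing in for publicIP and the client 10.0.0.5 are constructed; the last check assumes all of 10.0.0.0/8 is one directly connected segment and reports whether the server's reply would pass back through the NAT box.

```python
import ipaddress
from collections import namedtuple

PUBLIC_IP = "192.0.2.1"   # constructed stand-in for "publicIP" (TEST-NET-1)
LAN = "10.0.0.0/8"        # inside network on le0, as in the thread

Packet = namedtuple("Packet", "iface src dst dport proto")
Rdr = namedtuple("Rdr", "iface match dport target tport proto")

def parse_rdr(line):
    """Parse 'rdr IF ADDR/MASK port N -> ADDR port M PROTO', the form used in the thread."""
    t = line.replace("publicIP", PUBLIC_IP).split()
    if len(t) != 10 or (t[0], t[3], t[5], t[7]) != ("rdr", "port", "->", "port"):
        raise ValueError("unsupported rdr rule: " + line)
    net = "0.0.0.0/0" if t[2] == "0/0" else t[2]   # 0/0 means "any address"
    return Rdr(t[1], ipaddress.ip_network(net), int(t[4]), t[6], int(t[8]), t[9])

def redirect(pkt, rule):
    """Return the rewritten packet if the rule matches, else None.
    An rdr rule matches on arrival interface, protocol and DESTINATION address/port."""
    if (pkt.iface == rule.iface and pkt.proto == rule.proto and pkt.dport == rule.dport
            and ipaddress.ip_address(pkt.dst) in rule.match):
        return pkt._replace(dst=rule.target, dport=rule.tport)
    return None

def reply_returns_via_nat(pkt):
    """False when the redirected packet's source and destination are both inside LAN
    (assumed to be one segment): the server then answers the client directly, so the
    reply does not pass through the NAT box for reverse translation."""
    lan = ipaddress.ip_network(LAN)
    return not (ipaddress.ip_address(pkt.src) in lan and ipaddress.ip_address(pkt.dst) in lan)

OUTSIDE_IN = parse_rdr("rdr le1 0/0 port 80 -> 10.0.0.6 port 80 tcp")
TRIED = parse_rdr("rdr le0 10.0.0.0/8 port 80 -> 10.0.0.6 port 80 tcp")
SUGGESTED = parse_rdr("rdr le0 publicIP/32 port 80 -> 10.0.0.6 port 80 tcp")

# Constructed packet: inside client 10.0.0.5 browsing to the public name.
INSIDE = Packet("le0", "10.0.0.5", PUBLIC_IP, 80, "tcp")

if __name__ == "__main__":
    for name, rule in (("outside-in", OUTSIDE_IN), ("tried", TRIED), ("suggested", SUGGESTED)):
        out = redirect(INSIDE, rule)
        print(name, "->", "no match" if out is None else f"dst rewritten to {out.dst}:{out.dport}")
    print("reply returns via NAT:", reply_returns_via_nat(redirect(INSIDE, SUGGESTED)))
```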