Re: [Fwbuilder-discussion] Wrong IP Address in Web-Server logs
Brought to you by:
mikehorn
Menu
▾
▴
Re: [Fwbuilder-discussion] Wrong IP Address in Web-Server logs
|
From: <va...@vk...> - 2006-11-24 06:49:47
|
the screenshot is cut off at the bottom. Can you show all your NAT =20 rules ? --vk On Nov 23, 2006, at 10:39 PM, Andreas Pelzner wrote: > Hello, > > thanks for answering. The rules are looking like this. Starting at =20 > rule #3. First NAT rule from Internet to DMZ-Server. Second NAT =20 > rule from DMZ-Server to internet. > > I can't discover a double translation, or am I wrong? "Virtual" =20 > means the external IP Address for a DMZ server bound at the =20 > external interface of the firewall e.g. xxx.117.88.14 which is =20 > translated to 10.0.0.14 and vice versa. > > <attcea71.jpg> > > > Beste Gr=C3=BC=C3=9Fe / Kind Regards > > > From: Vadim Kurland =E2=9C=8D [mailto:va...@vk...] > > Sent: Freitag, 24. November 2006 07:09 > > To: Andreas Pelzner > > Cc: fwb...@li... > > Subject: Re: [Fwbuilder-discussion] Wrong IP Address in > > Web-Server logs > > > > > > On Nov 23, 2006, at 11:15 AM, Andreas Pelzner wrote: > > > > > Hello, > > > > > > I currently upgraded FWbuilder from Version 1.xx to 2.0.3 (debian > > > sarge package) on a debian box. Behind this box there is a > > DMZ with > > > a web server. The external interface is xxx.117.88.2. The internal > > > DMZ interface of the firewall box is 10.0.0.1. After the > > migration, > > > all log files entries on our web server will show 10.0.0.1 as > > > source address and not any more the original Internet IP address > > > e.g. 88.17.24.3. > > > > > > Any idea if a rule had been gone during upgrade process or which > > > rule I have to add to enable the Original Source IP Address? > > > > > > apparently you have a NAT rule that does double translation - it > > changes both source and destination addresses of the packet. Just > > remove the object in TSrc of this rule to stop it from translating > > source address. > > > > --vk > > > > > <attcea71.jpg> > ----------------------------------------------------------------------=20= > --- > > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to =20 > share your > opinions on IT & business topics through brief surveys - and earn cash > http://www.techsay.com/default.php?=20 > page=3Djoin.php&p=3Dsourceforge&CID=3DDEVDEV____________________________= ____=20 > _______________ > Fwbuilder-discussion mailing list > Fwb...@li... > https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion |