"outsourcing" services

Hi,

I have one PC connected to the internet which runs all kinds of
services, but it's kind of slow, so I want to "outsource" some of them
to other PC's in the lan. I've got this iptables rules:

iptables -t nat -A PREROUTING -p tcp -d $INTERNET_IP --dport 8080 -j
DNAT --to-destination $OTHERPC_IP:80
iptables -t nat -A POSTROUTING -d $OTHERPC_IP -p tcp --dport 80 -j SNAT
--to


$INTERNET_IP is the internet IP address of the box
$OTHERPC_IP is the LAN ip of the other box running the service (http ;-)
$MYLAN_IP is the LAN ip of the box connected to the internet.

When I connect to $INTERNET_IP 8080 the webserver says my IP is
$MYLAN_IP !!! But it needs to recognize the IP of the one who has
connected else I can't apply security rules by IP (My LAN is allowed to
do practical everything). I remember I've managed in the distant past I
had iptables setup the way the clients IP was seen by the LAN pc's
webserver. But I don't know how.
Does anyone know it?

Thanks in advanced,

Frank de Bot!

Hi Frank -

On Wed, 20 Oct 2004 22:35:42 +0200, Frank de Bot
<ppi_doenst@like_spam.searchy.net> wrote:

>iptables -t nat -A POSTROUTING -d $OTHERPC_IP -p tcp --dport 80 -j SNAT
>--to

You're missing the last part of the command, but that's irrelevant.
This command says to the change the source address of the connections
to $OTHERPC_IP from the true source address to [whatever is missing].

Since you are issuing a command to change the source address, why are
you surprised that the source address gets changed????

--
Ken
http://www.ke9nr.net/