Stephen Gran on 1 Dec 2003 17:23:02 -0500
On Mon, Dec 01, 2003 at 02:31:18PM -0500, Ian Reinhart Geiser said:
> > I don't think trying to redirect by fqdn is a good idea (think DNS
> > timeouts and such), but doing it by IP is straightforward.
> >
> > iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -d $IP_OF_CVS \
> >    -j DNAT --to-destination $INTERNAL_IP
> Yes I'm aware of this, please read the email next time ;)
>
> What I really want is to forward via FQDN but there seems to be no real
> information on the subject. So I'm assuming it may not be possible.

This is from man iptables:

    Address can be either a network name, a hostname (please note that
    specifying any name to be resolved with a remote query such as DNS
    is a really bad idea), a network IP address (with /mask), or a
    plain IP address.

They recommend against it. Set up an ip for cvs in dns, then listen on that
address as a virtual iface (eth0:1 or whatever). Then you can do ip-based
redirects.

-- 
 --------------------------------------------------------------------------
|  Stephen Gran                  | If everybody minded their own business, |
|  steve@lobefin.net             | the world would go around a deal        |
|  http://www.lobefin.net/~steve | faster.   -- The Duchess, "Through the  |
|                                | Looking Glass"                          |
 --------------------------------------------------------------------------
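The IP-only setup suggested in the message above, as an added example that is not part of the original thread: it prints the alias-interface and DNAT commands only when both addresses are IPv4 literals, so a hostname never reaches iptables and no DNS lookup happens at rule-load time. The function names, the /32 prefix and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Return 0 only if $1 is a dotted-quad IPv4 literal (octets 0-255, no
# leading zeros). Anything containing letters, i.e. a hostname, fails.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into positional params
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac   # reject 010-style octets
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print the DNAT rule from the thread for public address $1 and internal
# address $2. Prints nothing and returns 1 if either is not an IP literal.
build_dnat_rule() {
    is_ipv4 "$1" && is_ipv4 "$2" || return 1
    printf 'iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -d %s -j DNAT --to-destination %s\n' "$1" "$2"
}

# Print both steps: add the address as alias eth0:1 (the /32 prefix is an
# assumption), then redirect by IP. Nothing is executed, only printed.
plan_cvs_redirect() {
    rule=$(build_dnat_rule "$1" "$2") || return 1
    printf 'ip addr add %s/32 dev eth0 label eth0:1\n' "$1"
    printf '%s\n' "$rule"
}

# Constructed sample values (documentation address ranges).
plan_cvs_redirect 192.0.2.10 10.0.0.5
plan_cvs_redirect cvs.example.org 10.0.0.5 || echo "refused: not an IP literal" >&2
```

Review the printed commands before running them as root; the DNS record for the cvs name is maintained separately and only has to agree with the literal address used here.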