[CentOS] firewall dilemma

Thu Nov 3 14:03:24 UTC 2005
JC <hiep at ee.ucr.edu>

On Thu, 3 Nov 2005, Ryan wrote:

> On Wednesday 02 November 2005 02:53 pm, JC wrote:
>> Hi everyone,
>>
>> I have this problem that I'm not sure what's the best solution for it.  I
>> need your input & help...
>>
>> I have an internal network behind a hardware firewall.  All traffics go
>> thru. the firewall.  One of the firewall's rules is that it doesn't allow
>> internal network accesses internal resources that travels outside then
>> come back.  In the other words, it drops all packets originate from inside
>> the network that travels outside and then come back to access internal
>> resources.
>>
>> For example: I have web server (used internal ip 10.1.1.10) behind the
>> firewall, internal network can access this web server with
>> http://10.1.1.10, but they can't access http://www.mydomain.com.  Assume
>> that I have static IP (xxx.xxx.xxx.xxx) maps to 10.1.1.10 and dns record
>> www.mydomain.com points to xxx.xxx.xxx.xxx
>>
>> What I want is to allow users inside the network be able to access
>> http://www.mydomain.com instead of http://10.1.1.10
>>
>> Here is my question:
>> should I change the rule of the firewall?  If so, is there a security
>> risk?
>>
>> Is there any other solution for this?
>>
>> By the way, I don't have an internal DNS, I use my ISP DNS service.
>>
>> Thank you so much for your help,
>> JC
>
> Modify the hosts file of your clients to point
> 10.1.1.10 to www.mydomain.com
>
>
> Under windowsXP, open the file here: C:\WINDOWS\SYSTEM32\DRIVERS\ETC with
> notepad.
>
> add in a line:
> 10.1.1.10 	www.mydomain.com
>
what about win 9x?  I tried that on win98, but it's not working?  Is there 
any additional setting I have to make?

Thanks,
JC