My friend has this problem: he develops a simple client/server application (basically just show up the IP of client and server on each side when connected) using something call Kylix and wants to run it over the internet (have no problem when tested on local machine as well as LAN situation). But, client was unsuccessful when try to connect to server under a internet situation. His server was run on one of the machines inside a LAN and had the ADSL router opened for port e.g. 1088. How should he set the relevant network/firewall configuration? Say for example, the server is running on 210.88.54.110 and port 1088.

Thanks if anyone can help.

What he needs to do is what is called DNAT
( destination network address translation ) for example if I make a request to 200.85.42.197 at port 80. The router will change the destination in the header of my TCP/IP package to a machine inside the LAN.

All the packages with destination 200.85.42.197 will be deliverd to 192.168.0.11 for example.

you can do this with a linux machine as a router but a comercial router should support this too.

Cross-posting is when you post the same thing on two or more threads. One os enough, if you put it in the wrong section we will gladly move it
The other one is gone

And this belongs in Networking as that is the question ;)

Originally posted by mahdi
Cross-posting is when you post the same thing on two or more threads. One os enough, if you put it in the wrong section we will gladly move it
The other one is gone

And this belongs in Networking as that is the question ;)

Ok got it. Thanks!

Originally posted by javmarcan
What he needs to do is what is called DNAT
( destination network address translation ) for example if I make a request to 200.85.42.197 at port 80. The router will change the destination in the header of my TCP/IP package to a machine inside the LAN.

All the packages with destination 200.85.42.197 will be deliverd to 192.168.0.11 for example.

you can do this with a linux machine as a router but a comercial router should support this too.

Thank u javmarcan. I'll ask him to try this. And let u know whether it works later.

By the way, how do u make a linux machine as a router and do the above jobs (if possible)?

Does my friend has to make any firewall configuration in order for the server application to run on port 1088 and accept client connection on that port (in an Internet/WAN situation)?

If yes, how is this done or what need to be done?

I dont think you could make your apache listen on another port in an internet situation cuz all the clients by default make request to the 80 port. If you want to have many domains in the same server try using virtual hosts under apache.

If you have a machine inside your lan you could change the port number and redirect all the traffic coming to your outside IP to a inside Ip in a specific port
you can use iptables to acomplish that.

for example:

$ iptables -A PREROUTING -t nat -d x.x.x.x -p tcp --dport 80 -j DNAT --to-destination y.y.y.y:9999

where x.x.x.x is your external ip and y.y.y.y is your inside the LAN ip

as you could see I send all the traffic to
mi machine inside the LAN on port 9999 where is the port that my apache is listening