How to pass IP to servers from virtual server forwarders

Forums Network Management ZeroShell How to pass IP to servers from virtual server forwarders

  • This topic is empty.
Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
  • #44245

    Good evening. I have recently run into an issue with my web server and my new Zeroshell configuration. The Zeroshell system has two NICs installed, one to WAN and one to my switch. I created a virtual server and told it to redirect my public IP address on all NICs on port 80 and 443 to my private network NIC with the IP of my apache server and ports 80 and 443. Everything worked fine until I looked at the logs. All connections show up as coming from the router’s IP on the private network. When the connection is passed through the Zeroshell virtual server routing, the IP address is lost and replaced with the private IP of my router. It is necessary that I see the IP addresses of my clients for logging purposes. Is there something I have set up wrong or is there no way around this? Should I have used a firewall rule instead, and if yes, how would I do that? Also, could the problem be from my NAT configuration, and if so, how could I properly configure it?

    I look forward to your replies. Zeroshell truly is an amazing piece of software and I look forward to using it in many future networking projects.


    Remove the internal interface from ‘Nat Enabled Interfaces’, and add, in Scripts/Cron, NAT and Virtual Servers script,

    iptables -t nat -I POSTROUTING 1 -o internal.iface -s lan.ip addr/mask -d server.private.ip -j MASQUERADE

    Assuming your internal network on ETH00, and you ‘real’ server ip address

    iptables -t nat -I POSTROUTING 1 -o ETH00 -s -d -j MASQUERADE

    enable the script.
    This should translate the source ip address (with the lan side ZS ip address) received from the server only if the packets are coming from the inside lan, leaving unchanged packets which arriving from the wan.


    Thank you very much 🙂
    I truly appreciate the help! The script worked great and the ip is now successfully passed on to the actual server and can be recorded in the logs! Thank you again!

Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.