From owner-freebsd-net Wed Dec 12 13:31:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from mta2-rme.xtra.co.nz (mta2-rme.xtra.co.nz [210.86.15.130]) by hub.freebsd.org (Postfix) with ESMTP id DF88937B416 for ; Wed, 12 Dec 2001 13:31:27 -0800 (PST) Received: from internet1.masaclaw.co.nz ([210.55.57.50]) by mta2-rme.xtra.co.nz with ESMTP id <20011212213125.UYZI20016.mta2-rme.xtra.co.nz@internet1.masaclaw.co.nz> for ; Thu, 13 Dec 2001 10:31:25 +1300 Message-Id: <5.1.0.14.2.20011213102507.02807928@mail.masaclaw.co.nz> X-Sender: masaclaw@mail.masaclaw.co.nz X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 13 Dec 2001 10:25:15 +1300 To: freebsd-net@FreeBSD.ORG From: Tom Peck Subject: RE: 1 IP - 1 Firewall - 2 Webservers Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi Johan At 08:13 12/12/2001 -0800, you wrote: >I perhaps should have read all of the mail..... > >Well - Squid got X-Forwarded for, >And that't easy to configure Apache to look into, I believe that the >newer IIS server if that's used also are quite good at that type of >access. > >If I remember correctly doing a reverse proxy under Apache would >(with the proxy-pass-reverse) produce pretty much the same result. > >But another thing comes to mind, squid do produce quite nice logs >as well? It would, but I would prefer to save the gateways recourses (log files can become quite large..) and to have each web server looking after it's own logs - so basically once the gateway box has been configured, it should never need to be touched again. Tom >/JE > > >Unix is like a wigwam - no gates, no windows, apache inside > >################################## > Johan Edstrom, SCA IT Services > johan.edstrom@sca.com > Tel : +1 920 727 8821 > Fax : +1 920 727 8810 > Cell : +1 920 205 6472 >################################## > > > -----Original Message----- > > From: owner-freebsd-net@FreeBSD.ORG > > [mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Lars Eggert > > Sent: Tuesday, December 11, 2001 2:53 PM > > To: Tom Peck > > Cc: johan.edstrom@sca.com; freebsd-net@FreeBSD.ORG > > Subject: Re: 1 IP - 1 Firewall - 2 Webservers > > > > > > Tom Peck wrote: > > > > > How would this work? The two web servers aren't accessible straight > > > from the Internet - traffic goes via the gateway box. > > > > I bet he forgot to mention that the gateway is also a NAT box. Since > > squid does app-level relaying, HTTP isn't affected. > > > > Lars > > -- > > Lars Eggert Information Sciences Institute > > http://www.isi.edu/larse/ University of Southern California > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message