From: Patrick C
To: freebsd-ipfw@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG
Date: Wed, 16 Jul 2003 14:47:15 -0600
Message-Id: <200307161447.15141.patrick@filespanker.com>
Reply-To: patrick@filespanker.com
Subject: accessing a jail via localhost

I'm facing a problem with accessing an HTTPd (Apache) jail locally. Consider this jail scenario:

/etc/hosts:
    127.0.0.1 localhost foo.com
    172.16.0.1 apache

/etc/natd.conf:
    use_sockets yes
    same_ports yes
    unregistered_only yes
    redirect_port tcp 172.16.0.1:80 80
    redirect_port tcp 172.16.0.1:443 443

/etc/firewall.sh
    ...
    ${fwcmd} add divert natd all from any to any via ${oif} (IPFW)
    ...

rl0, my external net interface, is aliased to 172.16.0.1. Apache 1.3 is installed in /usr/jail/httpd. There are directives for 5 different hosts; one of them is foo.com.

The problem is created by the fact that the hostname of this system is "foo.com", aliased to 127.0.0.1 in /etc/hosts. If I try to access the httpd with http://172.16.0.1/, the page for foo.com doesn't appear, only the default page for Apache ("Welcome to Apache!"). However, http://foo.com/ can be accessed remotely because natd will actually forward it to the jail if the request originates outside of this machine.

If it were as easy as changing foo.com to 172.16.0.1 in the hosts file, I would, but other services are dependent on the hostname. I've also tried this rule with IPFW:

    ${fwcmd} add fwd 172.16.0.2,80 tcp from any to localhost 80

...any suggestions? Help is very much appreciated.