Date: Thu, 29 Aug 2002 09:25:59 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: Mark-Nathaniel Weisman <mark@outlander.us> Cc: questions@FreeBSD.ORG Subject: Re: Question about NATD on v4.5 Message-ID: <20020829082559.GA31722@happy-idiot-talk.infracaninophi> In-Reply-To: <B030C8F9120CCD43A1FC642851FB9FB404587D@mavrick.outland> References: <B030C8F9120CCD43A1FC642851FB9FB404587D@mavrick.outland>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Aug 27, 2002 at 11:03:25PM -0800, Mark-Nathaniel Weisman wrote: >=20 > I've got NATD working fine on my BSD firewall, however now I want to > "trick it out" by allowing a redirect to occur somewhere else if a > specific name appears in the request. >=20 > Currently I have all incoming http traffic being forwarded to an > internal webserver at say 192.186.50.2. That server then uses name > resolution under apache to identify www.domain1.com, www.domain2.com, or > www.domain3.com which all reside on this webserver. My firewall internal > address is say 192.168.50.1, which has IPDIVERT installed and is working > fine. > Now say I want all requests to www.domain2.com to go to another server > at 192.168.50.3 instead of the main webserver, however, all I want is > this one domain to go there. Any ideas of what I can do in NATD to set > this up? ipfw and natd in general look only at the packet headers: they know nothing about the payload of packets, nor about any particular protocols, like HTTP. Which means they aren't really suitable to do what you want. Unless you're prepared to do quite a lot of programming then I'd look elsewhere for a solution. apache itself is a more profitable target to achieve what you want. You should be able to use the mod_rewrite functionality to make the server on 192.168.50.1 proxy accesses to www.domain2.com to 192.168.50.2. This isn't ideal, as clearly 192.168.50.1 still has to deal with all the traffic, but all it's doing is handing off the requests to the other server. There are some good examples in the apache docs at http://httpd.apache.org/docs/misc/rewriteguide.html, particularly the sections on Load Balancing and Reverse Proxy. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020829082559.GA31722>