Skip site navigation (1)Skip section navigation (2)
Date:      4 Sep 2001 06:41:05 -0000
From:      chris@unix-fu.org
To:        freebsd-questions@freebsd.org
Subject:   Jail/Apache issue
Message-ID:  <20010904064105.88097.qmail@unix-fu.org>

next in thread | raw e-mail | index | archive | help
Hi folks,

	I went ahead and followed the manual in the handbook for creating a jail and threw Apaache in there. I have a private network set up which includes my workstation which also has a public interface. Now that that's all known, onto the issues. Below is a tiny diagram of how things are set up: (the public ip's have been replaced with fictional numbers for security purposes as these machines are still in development)


	     NAT Machine: Public IP-1: 4.4.4.3 Public IP-2: 4.4.4.5 Private IP: 10.44.45.1

              |						   |			 	  |
              |------------------[Switch]------------------|------------------------------|
              |               			  	   |				  |
              |			                           |  			 	  |
         Webserver-1: 				  Workstation: (win2k)           Webserver-2: (using NAT machine as gateway/fw)
	 Public IP: 4.4.4.6  			  Public IP: 4.4.4.7		 Private IP: 10.44.34.17
	 Private IP: 10.44.45.10		  Private IP: 10.44.45.16	 Jail IP: 10.44.34.72


Basically, the way I had it configured was to forward port 80 connections from the NAT machine's second public IP to Webserver-2's Jail IP. I tried to access it from my workstation, and nothing happened. So I sniffed the traffic. It was going from my workstation's public IP to webserver-2's Jail IP. I can however reach the webserver from other networks. Next issue, is with Apache and name-based virtual hosts. For some reason, regardless of the address typed in, the main server's DocumentRoot is reached. Here is the section in my Apache config for Virtual hosts:


NameVirtualHost 4.4.4.5
    
<VirtualHost domain1.com>
    ServerAdmin webmaster@domain1.com
    DocumentRoot "/usr/local/apache/domain1.com"
    
<Directory />
    Options FollowSymLinks
    AllowOverride All
</Directory>
<Directory "/usr/local/apache/domain1.com">   
    Options FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

    ServerName www.domain1.com
    ErrorLog /usr/local/apache/logs/domain1-error_log
    CustomLog /usr/local/apache/domain1-access_log combined
</VirtualHost>

<VirtualHost domain2.com>
    ServerAdmin webmaster@domain2.com
    DocumentRoot "/usr/local/apache/domain2.com"
    ServerName www.domain2.com
    ErrorLog /usr/local/apache/logs/domain2/error_log
    CustomLog /usr/local/apache/logs/domain2/access_log combined
</VirtualHost>

I'm basically lost for ideas right now. I'm hoping someone can spot an error or have some idea of what I could be doing wrong. I've also tested against my old chroot configuration, and the webserver works. However, I still cannot get to the site via http from my workstation. I'm using IPNAT/IPF. Any information is greatly appreciated.

	Thanks,

Chris

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010904064105.88097.qmail>