Date: Sun, 8 Dec 2002 12:54:06 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: questions@FreeBSD.ORG Subject: Re: HTTP server on internal network Message-ID: <20021208125406.GC8184@happy-idiot-talk.infracaninophi> In-Reply-To: <APEDIKEDLGHANJCCEFLJEEBLCAAA.admin@ella.lt> References: <APEDIKEDLGHANJCCEFLJEEBLCAAA.admin@ella.lt>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Dec 08, 2002 at 08:51:13AM +0200, Admin wrote:
> Hello,
> I want to run HTTP and FTP servers on internal network, and I want that
> they (servers) can be visible from internet. How I must to configure my
> router to get this result.
> for example I want to run HTTP server on 192.168.110.100 and FTP server on
> 192.168.110.101
>
> internet<-->MyRouter(freebsd)<--->internal network(192.168.110.1-254)
> MyRouter external address is 213.194.56.48 (example)
> MyRouter internal address is 192.168.110.115
>
> Internal network computers starts from 192.168.110.1 ends 192.168.110.50 and
> they using gateway 192.168.110.115.
> Computer with address 192.168.110.100 runing HTTP server
> Computer with address 192.168.110.101 runing FTP server
>
> On MyRouter I'm using NAT and IPFW.
> I tryed to use -redirect_port tcp 192.168.110.100:80 80 command in NAT
> configuration but nothing's work
> Where could be my mistake?
There are two ways of approaching this problem. The first and more
common mechanism is to use natd or the like to do port forwarding from
your internet visible gateway to your internal hosts. You've got
essentially the gist of it --- quite why it isn't working for you is
unclear from what you've written, but it's probably a trivial
misspelling or a fubar in your firewall ruleset or some such.
This approach works very well for HTTP, but it will be difficult (if
not impossible) with FTP due to the use of dual data and control
channels.
The other method you might consider is to install a reverse proxy on
your gateway. It's just like using a web cache / proxy on your border
network, except that instead of proxying your requests from inside
your net for data from outside, it proxies external requests for data
from inside. Something like Squid (ports/www/squid) should fit the
bill, although there are many other candidates in the ports tree.
Googling for 'squid reverse proxy' turns up plenty of hits amongst
which you should find plenty of information about how to set it all
up.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021208125406.GC8184>