[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: private IP web server

On Thu, 2002-06-06 at 14:52, Mike Egglestone wrote:

> I understand that with IPtables, I can setup my ftp,www, mail boxes
> to have private IP's. I do this with the nat table.
> Here's the question:
> What if I have more than web server?
> Is there a way to setup iptables to redirect port 80 requests to different
> internel web servers?

Assuming you cannot simply assign additional external IP addresses and
NAT each web server from it's own public address (in which case iptables
will do the job just fine), what you need is some way to route requests
intended for different web servers to different internal servers based
on the HTTP header.

Iptables is not really the tool for that job.

You could do this by using iptables to NAT all requests to a single
internal machine running Squid as a reverse proxy, either configured by
hand or perhaps using the SquidGuard redirector. That machine would then
examine all request headers and redirect the request to different
internal machines based on a criteria such as hostname in the URL.

Diagram here:



Jonathan Oxer
Chief Technical Officer
Internet Vision Technologies <http://www.ivt.com.au>
Jade Servers <http://www.jadeservers.com>
Ph +61 3 9723 9399 / Fx +61 3 9723 4899
GPG key: http://www.ivt.com.au/gpg/jon.oxer.gpg

To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: