[Shorewall-users] redirect virtual webservers

Cowles, Steve Steve@SteveCowles.com
Mon, 29 Apr 2002 08:59:43 -0500


> -----Original Message-----
> From: Goetz Reinicke 
> Sent: Monday, April 29, 2002 8:06 AM
> To: shorewall-users@shorewall.net
> Subject: [Shorewall-users] redirect virtual webservers
> 
> 
> Hi,
> 
> on a internal test webserver I have different namebased virtual 
> webservers. Ther is an A record om my DNS system for the main server, 
> and CNAME records for the virtual servers.
> 
> Now I'm thinking of a public webserver also with virtual namebased 
> servers. What I need is to redirect incoming http(s) requests to the 
> internal web servers, but how to handle the different virtual names??
> 
> The same, iff i have multiple physical webservers?? how do I redirect 
> requests to e.g. web01 (172.17.1.1) and web02 (172.17.1.2)
> 
> my Firewall has an A record, the webservers will have CNAME 
> records, but private IPs in my DMZ. So Any Hints or working
> configs??
> 
> A rule like
> ACCEPT    net    loc:172.17.1.1:80    tcp    80    -    1.2.3.4
> 
> would only handle _one_ Webserver, am I right??
> 

Yes.

But unless you have multiple public IP addresses assigned to your firewall's
external interface, I think you'll find your limited to running a single
physical WEB server configured for name based virtual hosting. That's what I
do. 

Steve