[Shorewall-users] Multiple web servers in DMZ
l0f33t at yahoo.com
Thu May 29 19:46:36 PDT 2003
I believe what Tom was asking you to do was to
Actually bind your other public ip addresses that you
own to eth0's nic/ethernet card. This would be the
first step before atempting to configure Shorewall.
Once you get eth0 configured correctly then configure
your shorewall rules appropriately.
Right now I believe that the only ip address that is
bound to eth0's nic/ethernet card is 188.8.131.52 and
this is why this address works and the other/'s won't
forward correctly. I believe the others won't until
you get your ethernet card configured correctly with
the other public ip's that you own, bound to eth0. :)
Hope that helps. If I'm off base Tom please correct
--- Tom Eastep <teastep at shorewall.net> wrote:
> On Thu, 29 May 2003 13:56:49 -0700 (PDT), aleksey
> <aleksey_shorewall at yahoo.com> wrote:
> > My interfaces file contains the following:
> > #ZONE INTERFACE BROADCAST OPTIONS
> > net eth0 184.108.40.206
> That CAN'T be the broadcast address!!!! Looks like
> the interface address...
> > and my rules file contains the following for port
> > # <<< Jupiter >>>
> > DNAT net dmz:192.168.6.2
> tcp 80 -
> > 220.127.116.11
> > # <<< viking >>>
> > DNAT net dmz:192.168.6.5
> tcp 80 -
> > 18.104.22.168
> > the 22.214.171.124 works but 126.96.36.199 which is
> a new web server
> > doesnt' work.
> If one more person tells me something "doesn't work"
> without any more
> information, I'm going to quit answering questions
> on this list during the
> day. I've simply don't have time while I'm at work
> to drag the details out
> of each and every person...
> a) What happens when you try to connect to
> http://188.8.131.52? Timeout?,
> Connection refused?, client computer explodes?
> b) Did you try telnetting to 184.108.40.206 80? If
> so, what response did you
> get? If not, please try that.
> c) Can you ping to 220.127.116.11?
> d) Have you looked at FAQ #1a and #1b -- there are
> tips there for debugging
> port forwarding problems?
> e) What does "ip addr show eth0" give you?
> Tom Eastep \ Shorewall - iptables made easy
> Shoreline, \ http://www.shorewall.net
> Washington USA \ teastep at shorewall.net
> Shorewall-users mailing list
> Post: Shorewall-users at lists.shorewall.net
> Support: http://www.shorewall.net/support.htm
> FAQ: http://www.shorewall.net/FAQ.htm
Do you Yahoo!?
The New Yahoo! Search - Faster. Easier. Bingo.
More information about the Shorewall-users