Hello. I''ve searched all I can and I can''t figure this out. I have a static IP with my ISP at home, and behind my ISP-provided router I have a Debian linux box running shorewall (and other software). Behind this box, I have several other computers running a mixture of tasks around the house. I have a domain at home, say myhouse.homeip.net, set up and have somehow configured things so that if I ssh to computer1.myhouse.homeip.net or to computer2.myhouse.homeip.net, I get into computer1 or computer2, respectively. I have NO idea how I managed to do this. I''ve looked through all my configuration files and I can''t even remember if I set this up somehow on my powerbook or on my router computer. I''d like to do similar things with other ports besides 22. For instance, I''d like to be able to go to http:// computer1.myhouse.homeip.net or http://computer2.myhouse.homeip.net and depending on which URL was entered in the browser, get forwarded to port 80 or 443 of the proper computer behind my firewall. I can''t for the life of me figure out how to do this though! I thought bind9 might be part of the answer, but I really screwed up the seemingly simple "apt-get install bind9" and now my firewall computer is pretty much never going to run bind unless I get some professional help. If anyone can explain to me how I can forward requests to different computers based on what the computer name was, I''d really appreciate it. Eventually I''d like to have some "real" domains pointed at my home (this is allowed in my ISP''s TOS) so I''d need to understand this before I could do that, too. Thank you very much, - Andrew Clarke. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
> Hello. I''ve searched all I can and I can''t figure this out. I have > a static IP with my ISP at home, and behind my ISP-provided router I > have a Debian linux box running shorewall (and other software). > > Behind this box, I have several other computers running a mixture of > tasks around the house. I have a domain at home, say > myhouse.homeip.net, set up and have somehow configured things so that > if I ssh to computer1.myhouse.homeip.net or to > computer2.myhouse.homeip.net, I get into computer1 or computer2, > respectively. I have NO idea how I managed to do this. I''ve looked > through all my configuration files and I can''t even remember if I set > this up somehow on my powerbook or on my router computer. >Are you sure that you did this ? :) The ssh does not offer this possibility. Maybe you did DNAT and configured the homeip domain to point to diferrent ports on the same host.> I''d like to do similar things with other ports besides 22. For > instance, I''d like to be able to go to http:// > computer1.myhouse.homeip.net or http://computer2.myhouse.homeip.net > and depending on which URL was entered in the browser, get forwarded > to port 80 or 443 of the proper computer behind my firewall. I can''t > for the life of me figure out how to do this though!For http you can setup apache as a reverse proxy on the debian machine, look for information about mod_proxy.> I thought bind9 might be part of the answer, but I really screwed up > the seemingly simple "apt-get install bind9" and now my firewall > computer is pretty much never going to run bind unless I get some > professional help. >Nope, bind it''s only a dns server, it does not handle other protocols or does not do packet routing.> If anyone can explain to me how I can forward requests to different > computers based on what the computer name was, I''d really appreciate > it. Eventually I''d like to have some "real" domains pointed at my > home (this is allowed in my ISP''s TOS) so I''d need to understand this > before I could do that, too. > > Thank you very much, > - Andrew Clarke. >If you would like more details we can talk in private and you can reach me at this replying address because this list is about shorewall only.> ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users >------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
Andrew Clarke wrote:>Hello. I''ve searched all I can and I can''t figure this out. I have >a static IP with my ISP at home, and behind my ISP-provided router I >have a Debian linux box running shorewall (and other software). > >Behind this box, I have several other computers running a mixture of >tasks around the house. I have a domain at home, say >myhouse.homeip.net, set up and have somehow configured things so that >if I ssh to computer1.myhouse.homeip.net or to >computer2.myhouse.homeip.net, I get into computer1 or computer2, >respectively. I have NO idea how I managed to do this. I''ve looked >through all my configuration files and I can''t even remember if I set >this up somehow on my powerbook or on my router computer.How many IP addresses do you have ? What do you get if you type "host computer1.myhouse.homeip.net" and host computer2.myhouse.homeip.net" ? Specifically, do these give the same or different addresses ? If you are lucky enough to have multiple IPs then it is fairly easy - just forward (DNAT) a.b.c.26 to 192.168.1.37 and a.b.c.27 to 192.168.1.15 for example.>I thought bind9 might be part of the answer, but I really screwed up >the seemingly simple "apt-get install bind9" and now my firewall >computer is pretty much never going to run bind unless I get some >professional help.BIND won''t help you unless you also get your domain ''pointed'' to it. You can host whatever you like on your own DNS server, but unless the upstream servers know to query it then it just won''t do anything.>If anyone can explain to me how I can forward requests to different >computers based on what the computer name was, I''d really appreciate >it. Eventually I''d like to have some "real" domains pointed at my >home (this is allowed in my ISP''s TOS) so I''d need to understand this >before I could do that, too.With HTTP the domain is part of the request, that''s why virtual hosts work on web servers. I can''t think of another protocol that does that, and without it it''s almost impossible to do such multiplexing. What you can do is run services on different ports - eg for SSH you could run sshd to listen on port 2222 and DNAT a.b.c.d:2222 to 192.168.1.x:22. But doing that, you as the user must know what port to use, there is no means to do this via DNS*. * Unless your client understands and uses SRV records, which isn''t that common for the ''basic'' protocols. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/