Hi,
Im ''almost'' sure iptables can''t do it. :-)
It works like this,
The client which does the request first resolves the IP adress of the FQDN
on the DNS server and after that sends a packet to the IP adress it found.
The header of the packet that arrives on the firewall, ONLY contains IP
adresses, and no FDQN''s, So in the packet you can''t see
anymore if the
client has resolved the IP adress by searching for www.domain1.com or
www.domain2.com
In the part of the packet containing the HTTP data there IS such information
ofcourse, but IPTABLES doesn''t take a look at the packet data.
Maybe it''s solveable, with some kind of web proxy server software.
Niels.
-----Original Message-----
From: i.samarelli@libero.it [mailto:i.samarelli@libero.it]=20
Sent: 05 September 2002 08:57
To: shorewall-users@shorewall.net
Subject: [Shorewall-users] FQDN
Hi,
I''ve a question about a FQDN VS Shorewall configuration:
I''d like to install a firewall that should forward the web requests
to=20
different web servers (iis, apache, and so on...);
all web sites are registered with the same ip to internic (eg.=20
www.example1.com-->151.99.234.3-->apache-server,
www.example2.com-->151.99.234.3-->iis-server, etc...) so I''m wondering if I can
tell
shorewall to recognise the requested FQDN and forwarding to the=20
specific web server.
Thank you,
SamarelliJ=1A+{=06=C2=A5=E2=80=93=C3=AB=1E=C2=AE=C3=89=C5=A1=C5=A0X=C2=A7=E2=80=9AX=C2=AC=C2=B5(h=C2=AD=C3=AC=1A=E2=80=93[=C2=ACz=C2=BB,=E2=80=A0=C5=A0=C3=9E=C3=81=C2=A9e=C2=9D=C3=ABa=C2=B6=C3=9A=7F=C3=BF=0C0=C2=B2=1A+{=06=C2=A5=E2=80=93w=C2=AD=C3=BEf=C2=A2=E2=80=93f=C2=A7=C3=BEX=C2=AC=C2=B6)=C3=9F=C2=A3
=C3=BB!=C2=A2=C2=B7=C2=B0jYn=C2=B1=C3=AA=C3=AC