how to plublish multiple web sites ex. eth0 (internet) eth1 (lan) http://www.domain1.it (212.131.137.131) -----> eth0 ----> eth1 LAN web server 1=192.168.0.1 http://www.domain2.it (212.131.137.131) -----> eth0 -----> eth1 LAN web server 2=192.168.0.2 ftp://ftp.domain2.it (212.131.137.131) ----> eth0 ----> eth1 LAN ftp server = 192.168.0.2 thank you very much
cheers();> how to plublish multiple web sites > ex. > eth0 (internet) > eth1 (lan) > > http://www.domain1.it (212.131.137.131) -----> eth0 ----> eth1 LAN web > server 1=192.168.0.1 > http://www.domain2.it (212.131.137.131) -----> eth0 -----> eth1 LAN web > server 2=192.168.0.2 > ftp://ftp.domain2.it (212.131.137.131) ----> eth0 ----> eth1 LAN ftp server > = 192.168.0.2I suppose, that is not possible -- if I''m wrong, Tom will slap me as usual... ;-) shorewall doesn''t filter the contents of the packets. Having multiple webservers on a single IP are separated by HTTP 1.1 (or the 1.1 Header ''Host:'' that is sent even in most 1.0 clients). That means, only the webserver can determine, which content to deliver. karsten -- Hi, I''m a signature virus. Copy me into your ~/.signature to help me spread!
kb wrote:> cheers(); > > >>how to plublish multiple web sites >>ex. >>eth0 (internet) >>eth1 (lan) >> >>http://www.domain1.it (212.131.137.131) -----> eth0 ----> eth1 LAN web >>server 1=192.168.0.1 >>http://www.domain2.it (212.131.137.131) -----> eth0 -----> eth1 LAN web >>server 2=192.168.0.2 >>ftp://ftp.domain2.it (212.131.137.131) ----> eth0 ----> eth1 LAN ftp server >>= 192.168.0.2 > > > > I suppose, that is not possible -- if I''m wrong, Tom will slap me as > usual... ;-) > > shorewall doesn''t filter the contents of the packets. > > Having multiple webservers on a single IP are separated by HTTP 1.1 (or > the 1.1 Header ''Host:'' that is sent even in most 1.0 clients). That > means, only the webserver can determine, which content to deliver.Very true -- the ususal suggestion in this instance is to use ONE http server and use virtual hosting (Apache does a good job of this). The other thing that should work is to run Apache as a proxy on the firewall and let it proxy for your internal servers. I belive that only works for http and not https though. Someone who has run Apache as a proxy can undoubtedly correct me there if I''m wrong... -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net