[plug] Firewall

John Breen (home) locutus at borg.apana.org.au
Tue Jul 31 07:02:31 WST 2001


Oops, again it seems more explanation is in order.

What I have at the moment is a network which looks like this;

203.11.114.137
  smoothwall                         borg
windows
192.168.1.x                   192.168.1.y                       192.168.1.z
       |                                       |
|
      ------------------------- hub -------------------------

it's being done this way so that eventually my home network can be isolated
behind another machine and hub.

the webserver lives on borg, the firewall is a dedicated machine on
smoothwall.

What seems to be happening is that the request is coming to smoothwall for
203.11.114.137 and it's getting forwarded to borg as a request for the ip,
without regard as to whether it's the virtual domain or not...

I guess what I need to know is, is it possible to modify the firewall
forwarding rules so that packets intended for my virtual domain are seen by
the web server as being for the virtual domain, preferably without needing
to give the virtual domain a second ip address....

Cheers,

john

----- Original Message -----
From: "Sacha Schlegel" <schlegel at lab219-02.cs.curtin.edu.au>
To: "John Breen" <locutus at borg.apana.org.au>
Sent: Monday, July 30, 2001 1:47 PM
Subject: Re: [plug] Firewall


> Hi John
>
> On Mon, 30 Jul 2001, John Breen wrote:
>
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Sorry, I should have explained more properly.
> >
> > I have had the server running before, all properly set up and
> > everything.  The web server is configured right.  After I installed
> > the firewall, all web connects to locutus.borg.apana.org.au now go to
> > borg.apana.org.au, rather than to borg.apana.org.au/~locutus.  The
> > virtual domain was all working fine till Sunday morning.
> >
> > My firewall is set to forward all incoming requests on port 80 to
> > 192.168.x.y, which is the machine the web server is sitting on.
>
> So if you turn off the firewall it is working properly? Do your apache
> logs explain something?
>
> Sacha
>
> >
> >
> > > To me it looks more like your web server is not set up properly. i
> > > use apache with some different domains. on domain name level the
> > > webserver decides which pages to show (like company or private)
> > >
> > > Check reading for virtual domains of the apache web server.
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
> >
> > iQA/AwUBO2UJLXkzVr6mO4cbEQI2qQCgwu8L4bwi9eKNsfrolBsYtBcG7YIAniB1
> > IJfs7vSasdQCwWrV2J13f5X8
> > =6afH
> > -----END PGP SIGNATURE-----
> >
> >
> >
>
> --
> --------------------------------
> Sacha Schlegel
> 1/67 Upton Street
> 6102 St. James
> Perth, Australia
> mailto:schlegel at cs.curtin.edu.au
> http://www.schlegel.li
> --------------------------------
>




More information about the plug mailing list