From: Joseph Watson <jtwatson@datakota.com>
To: lartc@vger.kernel.org
Subject: [LARTC] Simple question
Date: Mon, 30 Sep 2002 05:07:05 +0000 [thread overview]
Message-ID: <marc-lartc-103336252526665@msgid-missing> (raw)
In-Reply-To: <marc-lartc-101977241907607@msgid-missing>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
I have a linuxbox running shorewall, and on the lan side nic I have multiple
networks, and ip's from both assigned to the nic. One network is private,
and the other is public ip's. I have a web server running on the firewall
with multiple virtual hosts configured. I have the private ip on the lan
tied to the default apache config, and the public ip on the lan tied to a
vurtual configuration. Also the public ip on the wan is tied to another
virtual host.
I want all web traffic on the private network that is trying to go through the
firewall to get forwarded to the firewall and be answered by the apache
default config. All this config will do is redirects the request to my
domain. So no matter where they try to go, they will end up at my page. The
following will do the trick.
ACCEPT lan:192.168.1.0/24 fw:192.168.1.1:80 tcp http - all
I think it is required to specify the 192.168.1.1 on the firewall so it is
answered by the proper apache config. Am I right? The 192.168.1.1 is the
main ip on the nic, and the public ip is a alias.
Then came the question, will the following rule do the same thing?
ACCEPT lan:192.168.1.0/24 lan:192.168.1.1:80 tcp http - all
Would this act any different?
- --
Regards
Joseph Watson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9l9v5ABydhMNsDgMRAqX/AJ49x9j4fK4eVuwfQJMxA15YWKdHoACgzhKv
mGExxcT5A/DK6prz2L1yBog=
=z1pS
-----END PGP SIGNATURE-----
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
next prev parent reply other threads:[~2002-09-30 5:07 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-04-25 22:14 [LARTC] simple question Mihai RUSU
2002-04-25 23:05 ` Patrick McHardy
2002-09-26 2:47 ` Jason C. Leach
2002-09-26 4:01 ` LIEVEN
2002-09-30 5:07 ` Joseph Watson [this message]
2002-09-30 5:14 ` [LARTC] Simple question Joseph Watson
2006-09-11 11:47 ` [LARTC] simple question Ferdinando Formica
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-103336252526665@msgid-missing \
--to=jtwatson@datakota.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.