Hi Anthony
First thanks for your help about redirect.
I have another question for you:I try to establish iptables with a feature
that I know the Isa -Microsoft server can do and call web publishing.
I have few webservers in my work that I intend to put behind the firewall .I
can do this with virtual ip's to my external ethernet card
And I can put few apache servers behind the firewall.
In the isa server as far as I know you can do web publishing and people
always refer to the external ethernet card and the iis go and bring
The internal web pages from servers behind the firewall and not like I do
with forwarding the packets in the iptables.
I found something in the apache documents that show away to do it:
Description:
This is a tricky way of virtually running a corporates (external) Internet
webserver (www.quux-corp.dom), while actually keeping and maintaining its
data on a (internal) Intranet webserver (www2.quux-corp.dom) which is
protected by a firewall. The trick is that on the external webserver we
retrieve the requested data on-the-fly from the internal one.
Solution:
First, we have to make sure that our firewall still protects the internal
webserver and that only the external webserver is allowed to retrieve data
from it. For a packet-filtering firewall we could for instance configure a
firewall ruleset like the following: ALLOW Host www.quux-corp.dom Port
>1024 --> Host www2.quux-corp.dom Port 80
DENY Host * Port * --> Host www2.quux-corp.dom Port 80
Just adjust it to your actual configuration syntax. Now we can establish
the mod_rewrite rules which request the missing data in the background
through the proxy throughput feature:
RewriteRule ^/~([^/]+)/?(.*) /home/$1/.www/$2
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/home/([^/]+)/.www/?(.*) http://www2.quux-corp.dom/~$1/pub/$2
[P]
But the problem is that in Iptables I can't refer to the url just to the ip
address.
Above you can see from the apache example with allow and deny they refer to
url and not to ip's.
Is there a way to do this web publishing in the iptables?
Thanks in advance
Nir
