Re: pf how-to: Single public IP --> many private NAT'd HTTPS servers

2008-01-21 Thread mouss
Doug Poland wrote: I see what you are getting at. I told pf to simply route all https requests to a fixed private IP. When I pointed my browser at the FQDN, Firefox told me I had a certificate problem... i.e., the certificate returned was not the one expected. So, is the bottom line, one *c

Re: pf how-to: Single public IP --> many private NAT'd HTTPS servers

2008-01-21 Thread Tom Judge
OutbackDingo wrote: the problem here is pf doesn't do hostname resolution, it's not supported by the filter so DNS doesn't help, a reverse proxy would do a name resolution, though you can use ACLs to direct traffic from a name to an IP in a proxy also, and this isn't load balancing, this would be na

Re: pf how-to: Single public IP --> many private NAT'd HTTPS servers

2008-01-21 Thread David DeSimone
Doug Poland <[EMAIL PROTECTED]> wrote: > > So, is the bottom line, one *cannot* hide multiple (NAT'd) SSL hosts > behind a single public IP? So my only solution, given apache and one > public IP, is a single host listening on 443 and each "domain" w

Re: pf how-to: Single public IP --> many private NAT'd HTTPS servers

2008-01-21 Thread Doug Poland
David DeSimone wrote: Doug Poland <[EMAIL PROTECTED]> wrote: I have DNS resolution, the problem ( I think ) is in that pf simply sees the packet destined for my single public IP (because all my public host names must resolve to the same public IP ad

HFSC notes.

2008-01-21 Thread Ermal Luçi
If you want to know more about HFSC, this link has some explanation of how to use and configure it to suit your needs. The link: http://forum.pfsense.org/index.php?PHPSESSID=efbbb6e4e74cdefced188b28de395e46&topic=2484.0

Re: pf how-to: Single public IP --> many private NAT'd HTTPS servers

2008-01-21 Thread David DeSimone
Doug Poland <[EMAIL PROTECTED]> wrote: > > I have DNS resolution, the problem ( I think ) is in that pf simply > sees the packet destined for my single public IP (because all my > public host names must resolve to the same public IP address) and port >

Re: pf how-to: Single public IP --> many private NAT'd HTTPS servers

2008-01-21 Thread OutbackDingo
The problem here is pf doesn't do hostname resolution, it's not supported by the filter so DNS doesn't help, a reverse proxy would do a name resolution, though you can use ACLs to direct traffic from a name to an IP in a proxy also, and this isn't load balancing, this would be name based redirection.

Re: pf how-to: Single public IP --> many private NAT'd HTTPS servers

2008-01-21 Thread Doug Poland
OutbackDingo wrote: On Mon, 2008-01-21 at 10:58 -0600, Doug Poland wrote: OutbackDingo wrote: On Mon, 2008-01-21 at 10:17 -0600, Doug Poland wrote: Hello, I've googled, read pf.conf(5) and the pf tutorial/faq, and experimented, but a working configuration eludes me. Here's my environment:

Re: pf how-to: Single public IP --> many private NAT'd HTTPS servers

2008-01-21 Thread Doug Poland
OutbackDingo wrote: On Mon, 2008-01-21 at 10:17 -0600, Doug Poland wrote: Hello, I've googled, read pf.conf(5) and the pf tutorial/faq, and experimented, but a working configuration eludes me. Here's my environment: Firewall: FreeBSD 6.2-STABLE pf 1

pf how-to: Single public IP --> many private NAT'd HTTPS servers

2008-01-21 Thread Doug Poland
Hello, I've googled, read pf.conf(5) and the pf tutorial/faq, and experimented, but a working configuration eludes me. Here's my environment: Firewall: FreeBSD 6.2-STABLE pf 1 public (routable) IP address HTTPS: FreeBSD

Current problem reports assigned to freebsd-pf@FreeBSD.org

2008-01-21 Thread FreeBSD bugmaster
Current FreeBSD problem reports Critical problems S Tracker Resp. Description o kern/111220 pf [pf] repeatable hangs while manipulating pf tables 1 problem total. Serious problems S Tracker