RE: pf or apache redirect?

Thu, 13 Sep 2001 08:29:26 -0700 

What you are talking about is port forwarding (forwarding a port with a
public IP and tying it to a private IP). There is a solution for this,
though not inexpensive. A WatchGuard firewall box is the perfect solution
for you. It will support DHCP for your internal network, allow you to access
the outside world with the public address and firewall inbound and outbound
traffic. It will even allow you to block sites, etc.
It is simple to use and setup and includes a one year subscription to the
Live Security updates from them. I do not work for them, I am an avid
supporter since putting their Firebox 1000 online. It has prevented several
'hacks' on my network.

It works like this:
You setup the external port with your public address (64.xxx.xxx.xxx or
whatever) and the trusted port with your internal network addressing
(192.168.xxx.xxx or whatever), you will need to understand slash notation
(192.168.1.1/29 or anything you will be using). Then inside the firebox you
would setup a forward to the IP (fixed) of the unit(s) you want to have
accessed from outside (i.e.:192.168.1.1 ---> 64.4.15.21). It's easy! It's
all done via GUI and it is so easy it's scary!

-----Original Message-----
From: Paul Nevin [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 10, 2001 12:03 AM
To: [EMAIL PROTECTED]
Subject: pf or apache redirect?


Is there a way to redirect http requests within ipf/pf/iptables to an ip
within a private network range?  Or is this something that is usually
done within Apache VirtualHosts directives?  Confused? So am I!

I am trying to build a web server (http://clientdomain.com) within my
LAN.  My own registered domain (http://mydomain.com) has had a CNAME
entry registered for clientdomain.com pointing to mydomain.com.  In this
way I hope to somehow redirect internet requests for
http://clientdomain.com to my gateway/firewall/router.  The gateway
would forward these requests to the customer's www server within the
private address space of the LAN (192.168.1.x).

The catch is I only have one registered "real" ip and that is already in
use by my official web site.  Re-directs based only on http requests
would be the only way I can see to make this work.

I can not find any information on doing this with ipf/pf so I assume
there must be some sort of Apache directive that can do this within my
existing web server.

Help appreciated.

Reply via email to