This problem probably has a simple solution, so I'm hoping the experienced shorewall users can help me.
I've got a 3-interface (net,dmz, & loc) firewall and have several apache2 virtual web sites in the dmz. They come into 1 apache server in the dmz, and are redirected with the directive "ProxyPass" and "ProxyPassReverse" in my Apache "sites-enabled" files to other servers in the dmz. In most cases, the proxy'd web servers are in virtual machines in the dmz. In 1 case, however, I want to have this server in my local subnet. So here are the details: Ext IP -> Shorewall -> Apache2 at 192.168.2.150 -> PROXYPASS -> Apache2 at 192.168.1.22 Currently, when I try this, I get a "503 Service Temporarily Unavailable" error. The server at 192.1.168.22 works just fine when I access it from within the local subnet. Additionally, thre are no weird errors in any of the apache logs. I am sure this is a firewall problem. I've read the Squid Proxy documentation, but I am not knowledgeable enough to apply this to my situation. Can someone suggest the correct entry into the "rules" file to allow the apache server in the dmz to proxypass to a server in the loc subnet? TIA! -- Casey Bralla Chief Nerd in Residence The NerdWorld Organisation http://www.NerdWorld.org ------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users