On Sun, 17 Oct 2004, Soyrunner <(E-Mail Removed)> wrote:
> I have a small network of 4 systems, 2 Debian Woody, 2 Win98SE on a hub, the
> gateway with 2 NICS the second NIC to a cable-modem with a stable IP address
> tho DHCP. The machines use MASQ to access the internet. I use Apache for
> web access from the internet on the gateway. I also have Apache on one of
> the local machines running a BBS. The gateway machine has my homepage and
> some pages accessed frequently by a club's members. I use ipmasqadm portfw
> to send all connects to gateway:8080 back to 80 on the system with the BBS.
> This works well for the most part except at the college computer lab where a
> firewall rule I assume blocks connects to port forwarded boxes. I can
> connect to the BBS from the public library and from a dial-up.
>
> I've tried using the gateway Apache's VirtualHost to move connects to
> bbs.domainname.com to domainname.com:8080. The purpose was to allow the BBS
> to be addressed without 8080 specified in the address. Unfortunately this
> failed.
>
> http://bbs.domainname.com brings me to http://www.domainname.com instead of
> http://www.domainname.com:8080 or http://domainname.com:8080, either of
> which can connect to the BBS.
>
> The BBS system machine is on a 'non-routable' private IP address,
> 192.168.1.16.
>
> So, my question:
> Is what I'm trying to do possible with Apache? I have such little activity
> on my private family&friends BBS the purchase of a dedicated IP address
> isn't in the picture.

See Apache docs for mod_proxy and ProxyPass which can proxy an internal
server without having to use a non-standard port. But first get your name
based virtual hosting working with something in a directory. You need to
specify NameVirtualHost, which could be wildcard * if your public IP might
change (dynamic) or not directly on your gateway box (i.e., if your modem is
a modem/router and gives you a private IP). Note that with
NameVirtualHost, the first virtual host is the default if there is no
ServerName or ServerAlias match with another vhost. If you do use a
non-standard port for one vhost, you may need to specify the port for all
vhosts, even IP:80.

It also helps to set UseCanonicalName off so any automatic redirects will
not get misdirected to the wrong server name.

Once you get the name virtual hosting working, you can switch from a
directory to ProxyPass to proxy the other private server. You will not
need ipmasqadm portfw. But isn't that from ipchains? If your system is
so old that it only has ipchains, it should likely be updated (due to a
number of security exploits including telnet and libs used by ssh and
apache ssl).
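
The configuration this reply describes, as an added example that is not part of the original post. It assumes mod_proxy is loaded and an Apache release that still uses NameVirtualHost (1.3, 2.0 or 2.2); the hostnames and 192.168.1.16 come from the thread, and the DocumentRoot path is a placeholder.

```apache
# Added example, not from the original post.
# Assumes mod_proxy is loaded; /var/www is an assumed placeholder path.

# Wildcard match, because the public address is handed out by DHCP.
NameVirtualHost *

# Build self-referential redirects from the hostname the client asked for,
# so a redirect issued for the BBS vhost does not point at the main site.
UseCanonicalName Off

# Reverse proxying only: do not serve as a forward proxy for arbitrary clients.
ProxyRequests Off

# First vhost listed = default for any Host header that matches nothing else.
<VirtualHost *>
    ServerName www.domainname.com
    ServerAlias domainname.com
    DocumentRoot /var/www
</VirtualHost>

# The BBS: reached by name on port 80, relayed to the private machine.
<VirtualHost *>
    ServerName bbs.domainname.com
    # Forward every request under / to Apache on the internal BBS box.
    ProxyPass        / http://192.168.1.16/
    # Rewrite Location headers from the BBS so redirects keep the public name.
    ProxyPassReverse / http://192.168.1.16/
</VirtualHost>
```

Run `apachectl configtest` before restarting. Once the proxied vhost answers, the port 8080 forward can be dropped so the internal machine is reachable from outside only through the gateway's Apache.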