Hi All,
i am currently using RH 6.2 with IPChains as my firewall. i hv two internal servers, one RH 7.2 and other Win2K and i want to expose the internal servers as webservers. What is the best way to do it. I do hv Apache running on firewall. so i can either reverse proxy it or i can open ports using IPchains to my internal servers. what is the difference between them and what are pros and cons.

thanks for the help.

-qweqwe

Hmm. I think you're trying to diff 2 apps from a different class. Apache is a server, and isn't capable of making decisions on what to let tru except it's got to enter on a TCP port like 80 or 443 to be processed, a firewall like ipchains (somewhat) can. OTOH, from what I've read Apache is able to take care of some form of redirection, (like loadbalancing?) and you get to use all the other modules like mod_rewrite, which ipchains can't cuz itll use static rules. Next to that it seems Proxy rewriting breaks some protocols like DAV, which ipchains couldn't.
I'm kinda wondering what the difference in performance would be...

Just my thoughts, and I know it's not well argumented like in "functionality vs security", but if it where my case Id go for the fw solution.

Someone plz correct me if I'm vewwy wwonk.