IPtables/Fwbuilder: using to control incoming petitions of multiple domain names

Dorron · 02-22-2013, 03:43 AM

Hi:

Got a question. I have multiple domain names registered.

Example:

domain1.com
domain2.com

Got both DNS names pointing to my routers external address in hosters DNS server (one.com) so that petitions to domain1.com and domain2.com go to the same router.

All traffic is passed from the router to a firewall machine where I want to discriminate traffic coming to domain1.com and redirect it to webserver1 and traffic coming to domain2.com to webserver2.

Is it possible to set iptables/fwbuilder to do this based on which domain name was the client asking for?

I'm having trouble with this.

Any help would be welcome.

Thanks in advance.

Dorron

yowi · 02-23-2013, 07:44 AM

There is a string match option for iptables that may work, but it seems an ugly fix to an IP problem.

I suspect DNS could be used to specify a non-standard port for one domain and have your firewall NAT that to the appropriate box: http://www.anta.net/nic/draft-andrews-http-srv-01.shtml

Another option could be a load balancer or http proxy to redirect the requests from one web server to the other.

Dorron · 02-26-2013, 07:40 AM

Quote:

Originally Posted by yowi

There is a string match option for iptables that may work, but it seems an ugly fix to an IP problem.

I suspect DNS could be used to specify a non-standard port for one domain and have your firewall NAT that to the appropriate box: http://www.anta.net/nic/draft-andrews-http-srv-01.shtml

Another option could be a load balancer or http proxy to redirect the requests from one web server to the other.

Thank you very much for your reply. Much apreciated. I will look into it as soon as possible.

Could this be done not only for web servers but for mail servers, etc????

Thank you very much!