LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-31-2004, 01:44 AM   #1
yzxix
LQ Newbie
 
Registered: Jul 2004
Location: VA
Distribution: RHL 9
Posts: 2

Rep: Reputation: 0
Web server behind RHL 9 Firewall


I'm trying to set up a few webservers behind a RHL 9 firewall. I've tried Google for hours, and wouldn't be writing this unless I was sure I was completely lost.

Basically, my situaltion is thus:
I have several webservers - each with it's own IP address

I have a RHL 9 server that's set up for IP masquerading (which works) - though I'm not sure if I did all this for nothing yet.

I would like to make the webservers use LAN IP's (ie 10.0.xxx.xxx) and go throught the RHL system - but I need to save the IP addresses (Due to too many DNS's to upadate, among other things). This somewhat goes against the very purpose of IP masquerading, I know. Instead of trying to save IP space, I'm trying to preserve my IP addresses per machine.

I was thinking doing something like (bogus IP's, of course):
ifconfig eth0:1 12.13.14.15 netmask 255.255.255.0

to set the IP as an alias to eth0 (which works), then doing:
iptables -t nat -A POSTROUTING -o eth0:1 -s 10.0.0.10 -j SNAT 12.13.14.15

to forward all of the packets destined for 12.13.14.15 to 10.0.0.10, but this doesn't work.

Everything I've been able to find so far deals with port forwarding - which isn't an option either - as there are several different servers running the same services on the same ports.

Any help would be greatly appreciated
 
Old 07-31-2004, 07:52 AM   #2
marghorp
Senior Member
 
Registered: Jan 2004
Location: Slovenia
Distribution: Slackware 10.1, SLAX to the MAX :)
Posts: 1,040

Rep: Reputation: 45
Try searching for virtual hosts. I believe in RH9 there is a GUI way of doing this. Somewhere System settings --> Server settings....

Search google for virtual host.

Good luck!
 
Old 07-31-2004, 08:02 PM   #3
yzxix
LQ Newbie
 
Registered: Jul 2004
Location: VA
Distribution: RHL 9
Posts: 2

Original Poster
Rep: Reputation: 0
I found out how to forward the websites to their respective internal IP's. This seems to work
http://killyridols.net/firewallweb.shtml
(3rd one down on a Google search for "virtual hosts behind firewall", btw)

I went under System settings --> Server settings and pulled up DNS on the RHL 9 box. It's not even reporting domains on the server? Does this tool only recognize domains it creates - or do I have DNS misconfigured? I'm going to try to reconfigure it through this tool and see what kind of zone files it spits out.

While the fix above does work for my webservers, these machines need to perform other operations as well (mail, nntp, etc) does this mean I have to configure each service on the routing box to alias out for each server? I was thinking there must be some way to just tell the router to push everything for 12.13.14.15 to 10.0.0.10 and so on - regardless of port/protocol and not have to reconfigure each service on the router (as this would get a bit tedious after the first 200 computers or so - not to mention the size of the httpd.conf file if a decent number of servers/sites are to be hosted).

Thanks for the input on the vhosts though - at least that's something I can do if I absolutely must.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Web Server Firewall > YOUR EXPERIENCE Fr33B5D Linux - Networking 1 09-02-2005 01:54 AM
Web Server / Firewall Issue JohnLocke Linux - Newbie 3 03-10-2005 02:16 PM
cant access web server behind NAT/firewall vermaamitabh Linux - Security 3 11-10-2004 11:43 AM
Safest way to setup my Firewall, E-mail & Web Server matthew.collins Linux - Security 3 06-17-2004 05:38 PM
Linux firewall and web exchange server SSBN Linux - Networking 1 06-22-2003 06:44 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:41 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration