Menu
▾
▴
Re: [Shorewall-users] Two HTTP servers on DMZ
|
From: Devel <de...@st...> - 2004-06-13 14:52:16
|
Thxs a lot. This work fine... Alberto At 16.23 13/06/2004, you wrote: >Devel wrote: >>Hi all. >>This is my first post at this list. >>I've installed SHOREWALL and work well for me. Thxs. >>I have one problem. >>I have two HTTP servers (both work with 80 port). My actual rule: >>DNAT net dmz:192.168.0.2 tcp 80 >>work well for one server. >>At eth0 I have 3 public ip and i want to make something like this: >>all requests to public ip one to port 80 (151.36.32.132) nat to dmz ip >>192.168.0.2 and >>requests to port 80 to second public ip (151.36.32.134) nat to dmz ip >>192.168.0.4 > >The answer to this question can be found at: > >a) The Shorewall FAQ -- FAQ #1 (If you want to forward requests directed >to a particular address....). > >b) The Aliased interface documentation >(http://shorewall.net/Shorewall_and_Aliased_Interfaces.html) in the DNAT >section. > >c) The examples in your own rules file (All http requests from the >internet to address 130.252.100.69 are to be forwarded to 192.168.1.3). > >Be that as it may, the two rules you need are: > >DNAT net dmz:192.168.0.2 tcp 80 - 151.36.32.132 >DNAT net dmz:192.168.0.4 tcp 80 - 151.36.32.134 > >You must of course have the public IP addresses configured on your >external interface (see reference b above) or they must be routed to your >firewall by the upstream router). > >-Tom >-- >Tom Eastep \ Nothing is foolproof to a sufficiently talented fool >Shoreline, \ http://shorewall.net >Washington USA \ te...@sh... > >_______________________________________________ >Shorewall-users mailing list >Post: Sho...@li... >Subscribe/Unsubscribe: >https://lists.shorewall.net/mailman/listinfo/shorewall-users >Support: http://www.shorewall.net/support.htm >FAQ: http://www.shorewall.net/FAQ.htm |