You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Paul Aviles <pa...@palei.com> on 2006/03/12 17:19:33 UTC

[users@httpd] mod_rewrite question

I am pulling my hair out with this. I have a single public IP and already
have a web server redirected on the firewall from the external IP to the
private IP of 10.5.36.5. Now I need to enable another box (10.5.36.6)
running on port 80 to be accessible from the outside.

I can open port 81 on the fw and send it to the same 10.5.36.5, but can
apache handle redirecting the outside request from port 81 to a separate
internal ip 10.5.36.6 on port 80 and then send the requests back properly to
the public browsers?

If so guys please give me a hand with this as I cannot make heads or tails
with this and already tried for 2 days with no luck.

Thanks

Paul Aviles



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] mod_rewrite question

Posted by Krist van Besien <kr...@gmail.com>.

On 3/12/06, Paul Aviles <pa...@palei.com> wrote:
> I am pulling my hair out with this. I have a single public IP and already
> have a web server redirected on the firewall from the external IP to the
> private IP of 10.5.36.5. Now I need to enable another box (10.5.36.6)
> running on port 80 to be accessible from the outside.
>
> I can open port 81 on the fw and send it to the same 10.5.36.5, but can
> apache handle redirecting the outside request from port 81 to a separate
> internal ip 10.5.36.6 on port 80 and then send the requests back properly to
> the public browsers?
>
> If so guys please give me a hand with this as I cannot make heads or tails
> with this and already tried for 2 days with no luck.

You need to do the following:

Add a "Listen 0.0.0.0:81"
to the apache config on your first box, so the daemon listens to port 81.

Configure a virtual host on this port that proxies everything:
<VirtualHost *:80>
    ProxyPass / http://10.5.36.6/
    ProxyPassReverse / http://10.5.36.6/
</VirtualHost>

(Disclaimer: This is from memory, I have not actually tested this)

Krist

--
krist.vanbesien@gmail.com
Solothurn, Switzerland

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] mod_rewrite question

Posted by Joshua Slive <jo...@slive.ca>.

On 3/17/06, Gaël Lams <la...@gmail.com> wrote:
> > That is correct. My understanding is that Cisco Pix 505 can't do the port
> > forwarding so that is the reason why I was looking on doing this.
>
> If the only option you have is to open port 81 on the fw and send it
> to port 81 on the same 10.5.36.5, you have to to configure iptable on
> 10.5.36.5 to forward what arrives on port 81 to port 80 on 10.5.36.6.
> That's really the only solution I can think about

In fact, mod_rewrite can do exactly what is wanted here by acting as a
reverse proxy using the [P] flag and mod_proxy.  (It is not really
port-forwarding, since it acts at a different network layer, but the
effect is similar.)

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] mod_rewrite question

Posted by Gaël Lams <la...@gmail.com>.

> That is correct. My understanding is that Cisco Pix 505 can't do the port
> forwarding so that is the reason why I was looking on doing this.

If the only option you have is to open port 81 on the fw and send it
to port 81 on the same 10.5.36.5, you have to to configure iptable on
10.5.36.5 to forward what arrives on port 81 to port 80 on 10.5.36.6.
That's really the only solution I can think about

Regards,

Gaëk

Re: [users@httpd] mod_rewrite question

Posted by Paul Aviles <pa...@palei.com>.

That is correct. My understanding is that Cisco Pix 505 can't do the port 
forwarding so that is the reason why I was looking on doing this.

Thanks

--
Paul Aviles

---------- Original Message -----------
From: "Gaël Lams" <la...@gmail.com>
To: users@httpd.apache.org
Sent: Tue, 14 Mar 2006 14:14:45 +0100
Subject: Re: [users@httpd] mod_rewrite question

> Hi
> 
> > I am pulling my hair out with this. I have a single public IP and already
> > have a web server redirected on the firewall from the external IP to the
> > private IP of 10.5.36.5. Now I need to enable another box (10.5.36.6)
> > running on port 80 to be accessible from the outside.
> 
> 10.5.36.6 is a physically separated server, isn't it (you said
> "another box")? If it's the case, it has nothing to do with
> mod_rewrite, only with your firewall (I suppose that you only have 
> one unique public ip address). You need to configure your firewall 
> to forward requests made oon port 81 to 10.5.36.6:80.
> 
> Regards,
> 
> Gaël
------- End of Original Message -------


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] mod_rewrite question

Posted by Gaël Lams <la...@gmail.com>.

Hi

> I am pulling my hair out with this. I have a single public IP and already
> have a web server redirected on the firewall from the external IP to the
> private IP of 10.5.36.5. Now I need to enable another box (10.5.36.6)
> running on port 80 to be accessible from the outside.

10.5.36.6 is a physically separated server, isn't it (you said
"another box")? If it's the case, it has nothing to do with
mod_rewrite, only with your firewall (I suppose that you only have one
unique public ip address). You need to configure your firewall to
forward requests made oon port 81 to 10.5.36.6:80.

Regards,

Gaël