> I have a privately addressed server hosting multiple websites, each with
> its own virtual IP on the machine, eth0:1, eth0:2, etc... and on the
> firewall I have multiple public virtual IPs eth0:1, eth0:2, etc... I
> already know how to DNAT back to one IP from the public side to the
> private side.
>
>     iptables -t nat -A PREROUTING -p TCP --dport 80 -j DNAT --to-destination 192.168.100.100
>
> Is it possible with iptables to map multiple public IPs back to
> corresponding private IPs?
>
> Ryan

As noted, this is possible w/ iptables. I do it with squid in accelerator
mode using an internal DNS.

db.vhost.com:

    www.vhost.com IN A 192.168.100.100

This gets tiresome with a large number of vhosts; I use it mostly for
vmachines in our domain, i.e. www4.domain.com, web.domain.com and so on.

Cheers,
-- 
Lance Levsen, Systems Administrator,
PWGroup - Saskatoon
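
The per-address mapping asked about above comes down to matching each public IP with -d in its own PREROUTING rule. The script below is an added example, not part of the original thread: it generates one rule per pair and rejects malformed or duplicate entries. The address pairs and function names are constructed for illustration, and port 80 follows the quoted rule.

```shell
#!/bin/sh
# Constructed sample pairs: 203.0.113.0/24 is a documentation range standing in
# for the firewall's public virtual IPs; 192.168.100.x are the private vhost IPs.
MAPPINGS='203.0.113.10 192.168.100.100
203.0.113.11 192.168.100.101
203.0.113.12 192.168.100.102'

# Return 0 only for a dotted quad with every octet in 0..255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|'') return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read "public private" pairs on stdin and print the iptables commands.
# Prints nothing and returns 1 if a pair is malformed or a public IP is
# listed twice (a second DNAT rule for the same address would never match).
gen_dnat_rules() {
    rules='' seen=' '
    while read -r pub priv extra; do
        [ -n "$pub" ] || continue  # skip blank lines
        if [ -n "$extra" ] || ! valid_ipv4 "$pub" || ! valid_ipv4 "$priv"; then
            echo "bad mapping: $pub $priv $extra" >&2; return 1
        fi
        case "$seen" in *" $pub "*) echo "duplicate public IP: $pub" >&2; return 1 ;; esac
        seen="$seen$pub "
        rules="${rules}iptables -t nat -A PREROUTING -d $pub -p tcp --dport 80 -j DNAT --to-destination $priv
"
    done
    printf '%s' "$rules"
}

# Print the rules for review; nothing is applied to the running firewall.
printf '%s\n' "$MAPPINGS" | gen_dnat_rules
```

The output is meant to be reviewed and then run as root on the firewall; the FORWARD chain still has to permit the translated traffic.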

