RE: VSD Port access

[Tim Sellar]

I believe that when using vsdredirect Apache is normally configured to bind to a specific ip and port number. If, however, you are using the ipchains-based solution and placing Apache within each virtual server onto a different port number, Apache will not be configured to a specific ip-port but will instead to binding to the host server itself (0.0.0.0:8082, 0.0.0.0:8083 etc...). In either case the behaviour of ipchains when it comes to handling ip-aliases is not always predictable, and I would suggest that what you are trying to achieve is not going to work. It should be possible using iptables (which has better support for that sort of thing) - or, as you suggest, you should be placing your web-admin on a separate machine (which is the only practical arrangement for serious hosting anyway). Tim -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bill Brigden Sent: 11 August 2001 17:43 To: [EMAIL PROTECTED] Subject: VSD Port access Hi all, I have been working on a test machine, with Redhat 7.0, and VSD 1.4.7-1. Its an older config, but is working well. However, when trying to setup ipchains rules to stop clients accessing port 1725 I found it impossible to block it from them, because within the VS's they were using the host server's IP address as source, so blocking them would be impossible without having the web admin on a completely different machine (or so i think...)   If someone could shed some light on this it would help. Oh, and by the way, I have tried using the suggested rules in security.txt   Thanks, Bill.