-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Robert Harrison wrote: > Thanks for the quick reply but I'm not sure I understand. Here is the > Shorewall "rules" file: > # > # Shorewall version 2.0 - Rules File > # /etc/shorewall/rules > # Accept all http and ssh connections to anneMC > DNAT net loc:192.168.1.120 tcp http,https,ssh - 173.x.x.178 > DNAT net loc:192.168.1.120 tcp http,https,ssh - 173.x.x.179 > DNAT net loc:192.168.1.120 tcp http,https,ssh - 173.x.x.180 > DNAT net loc:192.168.1.120 tcp http,https,ssh - 173.x.x.181 > DNAT net loc:192.168.1.120 tcp http,https,ssh - 173.x.x.182
<snip> > I thought the purpose of the "Original Destination" in the DNAT rule > was to pass the IP address used to access the website. Could you tell > me what is wrong with this (rules) setup? You are routing traffic from all of your original destinations to the same final destination. Since they all point to the same internal IP address, apache on your internal system has no way to tell which IP they were originally sent to on the firewall. You need to change the internal IP address on each rule, and add more IPs to your internal apache box, something like: DNAT net loc:192.168.1.120 tcp http,https,ssh - 173.x.x.178 DNAT net loc:192.168.1.121 tcp http,https,ssh - 173.x.x.179 DNAT net loc:192.168.1.122 tcp http,https,ssh - 173.x.x.180 DNAT net loc:192.168.1.123 tcp http,https,ssh - 173.x.x.181 DNAT net loc:192.168.1.124 tcp http,https,ssh - 173.x.x.182 ...then you can use the unique internal IP addresses in your apache configuration to do IP based virtual hosting. - -- Charles Steinkuehler char...@steinkuehler.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iD8DBQFK80tSLywbqEHdNFwRAoGbAJ44lSk21d5KcCO/2U2eLMXBvVz5PwCfT+6o L9juZ80HsqwQoQ9gN+3mUog= =nEGp -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
