On Tue, Nov 11, 2003 at 03:29:32PM +0200, Eli Marmor wrote:
> Sorry for disagreeing, but of course it is a proxy specific issue; As
> far as I know, no other module connects to another server (ignoring
> mod_rewrite which uses mod_proxy for this purpose).
>
> And as the original sender hinted by the "Subject" header, it is easy
> to implement: just "bind()" the required IP into the socket before
> calling "apr_connect()" (it may require a minor fix in APR, I'm not
> sure).
>
> Port number should be left 0, to let the kernel choose its own
> ephemeral port.
>
> I believe that we should give more attention to this question. In my
> first look, it is easy to add directives ("ProxyIP"/"ProxyHost"?) and
> code to implement it ("bind()"), and it looks useful for some needs.
>
> Even without the additional directive, when the original request
> reached to a specific vhost, it would make sense to bind the outgoing
> socket to the IP of that vhost (as the original sender wished).
>
Thanks,
such feature would help me alot and very useful also for some others.
My problem is here I want to replace a reverse proxy server with another
server, everything is already setup since years (firewall rules, rules in the
backend web server..). It is easy to take over the destination ip address of
the reverse proxy from the old one to the new one, I just need to make
alias with ifconfig and put this ipaddress in the apache configuration.
But if the mod_proxy use another ip address to connect to the backend
server, we have also to do something with firewall rule and also we have
to care about the access control list in every backend servers, and if I am not
carefull enough, it will break the security just because the reverse proxy
has different ip address to connect to the backend server.
So, if it is possible to bind mod_proxy to a specific ip address or at least
the same ip address as defined in the virtual host, the transition to the
new server will be much more easier.
thanks again,
cahya.
