Jonas bazz Egidius wrote:
>
> will trillich wrote:
>
> > On Tue, Jun 12, 2001 at 06:05:58PM -0700, Adahma wrote:
> > > Is there a way to tell apache to "defer" to another IP address?
> > > What I'm trying to do is...I have a sub-domain just entered as a
> > > CNAME entry pointing to my main machine. The actual machine that
> > > serves up the content I want is on an internal IP address behind my
> > > firewall running it's own web-server. Is there a way I can pull
> > > that from the other machine. The other machine I should mention is
> > > a windows box, that I want to serve up some documents.
> >
> > <guess>i bet that's what proxying is all about.</guess>
> >
> > if you figure it out, feel free to broadcast your findings both
> > here and at http://newbieDoc.sourceForge.net/
>
> If you forward a port (ie. 7654), using iptables or
> ipchains or redir or another application for it, to the
> machine behind the firewall and then do a:
>
> Machine towards the internet: 313.164.249.280
> Machine behind: 192.168.0.4
>
> <VirtualHost 213.64.149.180>
> ServerName my.other.machine.behind.the.firewall
> RedirectMatch ^/(.*)$ http://my.other.machine.behind.the.firewall:7654
> </VirtualHost>
>
> Then if someone tries to access http://my.other.machine.behind.the.firewall
> they get redirected to http://my.other.machine.behind.the.firewall:7654
> and since port 7654 is forwarded to 192.168.0.4 you reach
> that machine.
>
> Do I make any sence or should I try to be clearer?
right. so if they just come directly into
http://my.other.machine.behind.the.firewall:7654/
they get port-forwardrd to the internal machine. that's how
i do it, anyway.
but how can you do this WITHOUT port forwarding? how
do you get the proxy thing to do its magic? or is there
something else?
[and, what security ramifications are there for port-forwarding?
it'll be a difference that black-hatted snoopers can detect;
can they use the port to foment a breakin somehow?]
--
mailto:[EMAIL PROTECTED]
http://www.dontUthink.com/
