The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

If you buy from Amazon USA, please support us by using this link.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 Jail and Apache
Author: roadrash96 
Date:   21-06-06 07:02

I have already setup a jail and need it to host one of four websites running on this server. What do i need to do to make it so if someone wants the website that is being hosted in the jail and not the host that they get to it. Currently i'm running a monowall as my gateway and nat. Windows 2003 as a domain controller and Freebsd 6.1 stable as my webserver and mail server. The reason is the site i need in a jail is a forum site with known security issues. but i don't want to run all my sites in the jail cause then thier is no reason to have the jail. Thanks. PS i'm knew at this, Still learning FreeBSD but have some local help that will understand anything i can't.

Reply To This Message
 
 Re: Jail and Apache
Author: Dan 
Date:   21-06-06 11:08

Have you read the Jail article on this website? If so, what specific problem are you having?

http://www.freebsddiary.org/jail-5.php

--
Webmaster

Reply To This Message
 
 Re: Jail and Apache
Author: roadrash96 
Date:   21-06-06 20:12

I'll try to elaberate. I have one outside IP address, My monowall currently forwards all requests for port 80 to my freeBSD server. The host server is running apache and the websites (which are working right now) I have recently began setting up a Jail on that host server. The purpose of the jail is to run one website. The jail is up and running. I can putty into the jail without issue. I will be installing all the nessesary ports in the jail for it to run the forum website that it need to run. I want the other 3 websites i run to be on the host server so if some hacks through the Forum website they can't bring down my other websites. Is thier a way you know of to forward requests by host name to the ip address of the jail while allowing all other website host names to the host server ip address. Yes i have read the jail info youhave provided and used it to get my jail working. Thanks for any help you can be.

Reply To This Message
 
 Re: Jail and Apache
Author: Dan 
Date:   21-06-06 20:21

The problem is getting your firewall to forward port 80 to two different IP addresses (the host, and the jail). Given that you have just one IP address on the outside, the forwarding has to somehow know that some http requests should go to one IP address, and some to another. It sounds to me like you need a special http proxy to inspect the httpd packets and figure out the hostname within the http stream.

The details in your second post are very important to the situation.

I don't know what can do this, but perhaps running a proxy on your gateway can help. I don't know how this will fit in with monowall.

--
Webmaster

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 


 Forum List  |  Need a Login? Register Here 
 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org