The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998

As an Amazon Associate I earn from qualifying purchases.
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]
FreeBSD Support
 New Topic  |  Go to Top  |  Go to Topic  |  Search  |  Log In   Newer Topic  |  Older Topic 
 route public ip to internal web server
Author: bigHairyBird 
Date:   22-10-04 02:27

I have built the awesome FreeBSD DHCP/NAT/Firewall. Friends are extremely jealous, beautiful woman (including my wife) long for my companionship, etc. etc.

But how do people get to my web server that is on the 'interior' of the network?

Say I have a domain named pitviper.com. DNS through Network Solutions now points pitviper.com to a public ip address of 137.118.255.144.

ifconfig shows that my xl0 nic is bound to the ip seen above.


But the ip address given by my nifty freeBSD DHCP server to my web server on the 'interior' is 192.168.70.148

How do I 'route' web server requests hitting the 137.118.255.144 ip address to the web server at 192.168.70.148?

Isn't this stuff just to cool!



Reply To This Message
 
 Re: route public ip to internal web server
Author: peterg22 
Date:   22-10-04 21:33

Hey ! This *sounds* like what I am trying to do, but I am stuck..

I have built a wireless access point address 10.0.0.12. It *doesn't* connect to *anywhere* else - it has it's own web server and bulletin board - don't ask me why I'm doing this .. is for a very good reason !

I got the DHCP server to lease my wireless laptop an address from the range 10.0.0.20 to 10.0.0.50 - no problem .. I'm so surprised :-)

How do I 'route' web server requests for (say) http://www.google.com go to
my web server at 10.0.0.12 ?

>>Isn't this stuff just to cool!

yes indeed !


I'm pretty certain it's a NAT issue which I haven't got running yet.

I'm assuming it's possible to do ?

Reply To This Message
 
 Re: route public ip to internal web server
Author: bigHairyBird 
Date:   22-10-04 22:17

What you need to do is all on the 'private' side of your network, or that is how I read it.

A user, who has received a private ip address from your DHCP server, tries to ping google.com and receives a reply at 10.0.0.12.

To do this it seems to me that all you would need to do is play with the resolv.conf files of the laptop.

A great NAT readme can be found here:

http://www.kcgeek.com/archives/howto/building_a_freebsd_natdhcp_gateway/050802.html

When you are done I'd say you will need to run DNS and point your ip leases to your DNS so that they go to your web server instead of the real google.

This is all conjecture and guesswork though. Damn, it would be nice if some freeBSD Jedi answered some of these questions.

Reply To This Message
 
 Re: route public ip to internal web server
Author: peterg22 
Date:   24-10-04 09:11

Thanks BHB .. it would be nice if it was all in resolv.conf.. Last night I had some fun using Apache mod_rewrite so if I can combine the two I should be up and running !

Now, I'm off to read that NAT link and I'll keep an eye open for that Jedi !

Message you later !

Reply To This Message
 
 Re: route public ip to internal web server
Author: BHB 
Date:   25-10-04 04:29

Ok, I have a solution.

I had to read man natd . . . . sometimes you have to actually fall back on those 5th grade skill sets.

Anywho, I have these lines present in my etc/rc.conf

natd_enable="YES"
natd_interface="xl0"
natd_flags="-s -u -m -redirect_port tcp 192.168.70.148:80 80"

The last line allows tcp packets at port 80 on my public interface to be 'redirected' to the interior ip address of 192.168.70.148 at port 80.

Pretty simple really.

Now, is this the best solution possible? How to I deal with multiple domain names resolving to the same public ip address?

Any insights are welcome!

Reply To This Message
 
 Re: route public ip to internal web server
Author: fianna 
Date:   02-11-04 07:22

nice solution... if it worked... i usually use natd.cf

good job

Reply To This Message
 
 Re: route public ip to internal web server
Author: bigHairyBird 
Date:   04-11-04 04:31

Thanks! Could you give an example of your use of natd.cf?

Having a trying time with BSD tonight. If I were a drinking man I swear to . . .

Reply To This Message
 
 Re: route public ip to internal web server
Author: fianna 
Date:   04-11-04 08:19

http://www.freebsdhowtos.com/39.html

i just dont use natd.conf rename that to natd.cf

l8r

Reply To This Message
 
 Re: route public ip to internal web server
Author: def 
Date:   18-11-04 00:50

BHB, you can have apache accessable for both internal and external querys. Check out your apache config file and look for: Listen IP. Just mirror that line with the second IP you want your server listening on. EG

Listen 192.168.1.10:80
Listen 24.150.10.210:80

That is my server listening inside and out. You are on your own with multiple domains on the same ip...u use virtual servers but I never messed with those.

A tool you may be interested in (if you dont have it) is webmin. it allows you to access your server via browser from any machine and gives LOTS of configuration capability.

My network is (at this point) pretty much like this: http://www.dedication.mine.nu/~def/network/, just for informational purposes.

Definately not a jedi - but I will help if I can
def

Reply To This Message
 
 Re: route public ip to internal web server
Author: bigHairyBird 
Date:   18-11-04 14:50

DEF,

I can't wait to give this a try!

First I must repair several spyware-infected personal computers, my main source of income is computer repair and work must come before the things I'd rather be doing.

Hopefully I will be able to give this a try this evening. Once I implement your suggestion I will report back.

If it works it's Jedi to me.

Reply To This Message
 
 Re: route public ip to internal web server
Author: def 
Date:   23-11-04 04:13

dying for feedback. did that fix things up for you?
def

Reply To This Message
 
 Re: route public ip to internal web server
Author: bigHairyBird 
Date:   23-11-04 15:53

DEF,

Presently I am making out invoices. I haven't had time to implement. The work thing is really getting in the way. Tomorrow I have a funeral to attend to (grandmother @ 94) and so there is a ton of stuff I have to cover today.

I will have time (hopefully) Thanksgiving day!


BHB.

Reply To This Message
 
 Re: route public ip to internal web server
Author: def 
Date:   23-11-04 23:50

jeze - sorry to hear about your grandma. Not meaning to pressure ya. Know how work is too...always getting in the damn way of life...o well. Good luck with the server - I will be goin to NY state for thanksgiving and probably won't check back in for several days....btw - DEF is def. Im a lower case kinda guy (get yelled at enough in that work thing). Later and good luck

def

Reply To This Message
 Forum List  |  Threaded View   Newer Topic  |  Older Topic 


 User Login
 User Name:
 Password:
 Remember my login:
   
 Forgot Your Password?
Enter your email address or user name below and a new password will be sent to the email address associated with your profile.
How to get the most out of the forum

phorum.org