|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
On Tue, Sep 24, 2002 at 07:37:26AM +0100, Thomas Thurman wrote:
: just for variety, here are two other ways:
:
: * run apache on the firewall, with mod_proxy. Get it to proxy everything
: sent to the address you're using to the webserver machine. (Be sure to
: fix it so that it doesn't proxy for just _anything_, though.)
Indeed, variety is the spice of life, but I'd probably run squid in
httpd acceleration mode instead. Squid's job in life is to proxy,
nothing else (other than optionally cache), probably bette suited...
: * run xinit on the firewall. In a "service http" paragraph, add a
: "redirect" line to the webserver machine.
Icky! It should work though..
Probably the easiest is an iptables rule to permit http to the private
address coupled with a DNAT rule and a SNAT rule.
--
Jason Costomiris <>< | Technologist, geek, human.
jcostom {at} jasons {dot} org | http://www.jasons.org/
Quidquid latine dictum sit, altum viditur.
My account, My opinions.
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
|
|