accessing a jail via localhost

Patrick C patrick at filespanker.com
Wed Jul 16 13:47:17 PDT 2003


I'm facing a problem with accessing an HTTPd (Apache) jail locally. Consider 
this jail scenario:

/etc/hosts:
127.0.0.1 localhost foo.com
172.16.0.1 apache

/etc/natd.conf:
use_sockets yes
same_ports yes
unregistered_only yes
redirect_port tcp 172.16.0.1:80 80
redirect_port tcp 172.16.0.1:443 443

/etc/firewall.sh:
...
${fwcmd} add divert natd all from any to any via ${oif}(IPFW)
...

rl0, my external net interface, is aliased to 172.16.0.1. Apache 1.3 is 
installed in /usr/jail/httpd. There are <VirtualHost> directives for 5 
different hosts, one of them is foo.com.

The problem is created by the fact that the hostname of this system is 
"foo.com", aliased to 127.0.0.1 in /etc/hosts. If I try to access the httpd 
with http://172.16.0.1/, the page for foo.com doesn't appear, only the 
default page for Apache ("Welcome to Apache!"). However, http://foo.com/ can 
be accessed remotely because natd will actually forward it to the jail if the 
request originates outside of this machine.

If it were as easy as changing foo.com to 172.16.0.1 in the hosts file, I 
would, but other services are dependent on the hostname. I've also tried this 
rule with IPFW:

${fwcmd} add fwd 172.16.0.2,80 tcp from any to localhost 80

...any suggestions? Help is very much appreciated.

