[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: redirect packets from any to different HTTP servers



> hi,
> 
> I want to replace an ISA server by PF. This ISA Server does 
> one thing I can't reproduce under PF. 
> For each domain it redirect to different host : for exemple 
> www.domain1.com , www.domain2.net have the same IP address 
> (i.e the ISA Server public IP) but different IP address 
> inside local lan because they run on different host. I guess 
> under ISA this is call "web publication". Can we do the same 
> thing under PF ? 
> I have find no examples in the "Building Firewalls with 
> OpenBSD and PF" book. There is always a redirection (rdr on 
> ...) with one HTTP server on DMZ.
you need a reverse proxy. squid can do it, but pound (http://www.apsis.ch/pound) can do it just as easily and isn't as complex as squid
we use pound along with authpf to restrict who can view what (upses, disk arrays, nagios, etc). it works pretty well for us
marco