[lug] remotely accessible sub-domain

Paul Nowosielski paul at danamusic.com
Tue Feb 25 09:24:28 MST 2003


On Tue, 2003-02-25 at 12:53, jd wrote:
> On Tue, 2003-02-25 at 10:10, Michael Deck wrote:
> > At 10:03 AM 2/25/2003, you wrote:
> > >On Tuesday 25 February 2003 6:48 am, Paul Nowosielski wrote:
> > >> Hello,
> > >
> > >> How can I make 192.168.5.5 remotely accessible via http
> > >> and ssh? I would appreciate any help in this.
> > >>
> > >> Paul Nowosielski
> > >
> > >I don't think it is possible for the outside internet to 
> > >directly access 192.168.5.5, but you can attach a new ip 
> > >address to your mainbox (man ifconfig) and route http and 
> > >ssh packets going to the new ip address to the internal box 
> > >(192.168.5.5) using port forwarding (man ipchains or 
> > >iptables).
> > 
> > It's been a while since I've done this, but I don't think the new IP address is needed if you know which ports you want to forward. You can just port-forward port 80 (usual http) and 22 (usual ssh) ports of your main box directly to your internal box. If you need to open up more ports for forwarding, you just change your script and those ports go onto your internal box. The forwarding mechanism doesn't know what the packets are for, it just forwards certain ports. So if you decide you want your internal box to be an SMTP server, you just start up the SMTP daemon on the internal box and ask your mainbox to forward port 25. 
> > 
> > If you want to forward everything directed to a particular IP address, then Case is right -- you also need another externally-visible IP address for the main box. 
> > 
> > >Case Jones
> > >_______________________________________________
> > >Web Page:  http://lug.boulder.co.us
> > >Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > >Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
> > 
> > 
> > Michael Deck
> > Cleanroom Software Engineering, Inc.   
> > 
> > 
> 
> I agree this should be easy... just write nat rules to port forward
> from DSL public ip to Mainboxs ip then use iptables on the Mainbox
> to nat the ports you need to the other box. with teamwork
> of the dsl modem and Mainbox this can bee done.
> 
> good luck,
> -- 
> jd
> jd at taproot.bz
> 
> Bad spellers of the world untie!
> 
> "I can't tell if I have worked all my life or 
> if I have never worked a single day of my life"
> 			Miguel de Icaza
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
> 


Ok,
 
Port 80 and 22 are already forwarded from the modem to the main
box(10.0.5)and apache is listening for my domain name.So when I forward
port 80 from 10.0.0.5 to 192.168.2.2 it blocks apache from the 10.0.0.5
box.
I want to make 192.168.2.2 a sub-domain of 10.0.0.5 so apache from
192.168.2.2 only listens for subdomain.maindomain.com .
 
Can I do this with one Internet IP?

Paul Nowosielski





More information about the LUG mailing list