From owner-freebsd-questions@FreeBSD.ORG Tue Oct 12 18:27:30 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1B6EB16A4D1 for ; Tue, 12 Oct 2004 18:27:30 +0000 (GMT) Received: from lv.raad.tartu.ee (lv.raad.tartu.ee [194.126.106.110]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0C46143D49 for ; Tue, 12 Oct 2004 18:27:28 +0000 (GMT) (envelope-from toomas.aas@raad.tartu.ee) Received: Message by Barricade lv.raad.tartu.ee with ESMTP id i9CIRJ3m010356; Tue, 12 Oct 2004 21:27:19 +0300 Message-Id: <200410121827.i9CIRJ3m010356@lv.raad.tartu.ee> Received: from INFO/SpoolDir by raad.tartu.ee (Mercury 1.48); 12 Oct 04 21:27:19 +0300 Received: from SpoolDir by INFO (Mercury 1.48); 12 Oct 04 21:27:01 +0300 From: "Toomas Aas" Organization: Tartu City Government To: "Lars H. Beuse" , questions@freebsd.org Date: Tue, 12 Oct 2004 21:26:55 +0300 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Priority: normal In-reply-to: <200410120127.42002.bsd@dokfilm.org> Subject: Re: NameVirtualHost nat X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Oct 2004 18:27:30 -0000 Hi! "Lars H. Beuse" wrote: > i want some apache NameVirtualHost behind a Paketfilter based on ipf, placed > in two subnets. This router has two Cards one in the private net, one in the > public. So far i just forward port 80 and 443 into my private net > 192.168.2.0, but every request ends up on apaches rootlevel, NameVirtualHost > directive is useless. So, how to forward http(s):// requests through the > Paketfilter matching the right VirtualHost? Maybe i've thought in a wrong > direction, so far. Just some little hints should be enough. I can't be 100% sure because I haven't done this kind of thing myself, but I don't see why port forwarding should interfere with Apache's name-based virtual hosting. After all, they operate on different layers of the OSI model: port forwarding is purely TCP business while VirtualHosts are HTTP. I can tell you, though, that name-based virtual hosting can't be used with https. IIRC this is written in the FAQ on the mod_ssl webpage. -- Toomas Aas | toomas.aas@raad.tartu.ee | http://www.raad.tartu.ee/~toomas/ * If it wasn't for C, we'd be using BASI, PASAL and OBOL!