Date: Thu, 7 Sep 2000 12:20:02 -0700 (PDT) From: "Terje Oseberg" <oseberg@hotmail.com> To: freebsd-bugs@FreeBSD.org Subject: Re: misc/21056: Apache 1.3 Virtual Hosts don't work on 4.0-RELEASE Message-ID: <200009071920.MAA92105@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR misc/21056; it has been noted by GNATS.
From: "Terje Oseberg" <oseberg@hotmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Cc:
Subject: Re: misc/21056: Apache 1.3 Virtual Hosts don't work on 4.0-RELEASE
Date: Thu, 07 Sep 2000 19:13:48 GMT
It turns out that the problem is with the firewall/nat combination
which I'm using.
Basically, when someone from the internet is accessing the web
server, the web server believes that they are comming in from
the internal IP rather than the external IP.
The way I fixed the problem was I added name virtual host entries
to the Apache config file for the internal IP numbers as well as
for the external IP numbers.
I also added a name for my interal IP number in /etc/hosts so that
Apache wouldn't have any problems looking it up.
For my firewall configuration, I added to my kernel:
options IPFIREWALL # Firewall
options IPFIREWALL_VERBOSE # Print information about
# dropped packets
options IPFIREWALL_DEFAULT_TO_ACCEPT # Allow everything by
# default
options IPDIVERT # Divert sockets
options IPFILTER # Kernel ipfilter support
options IPFILTER_LOG # Ipfilter logging
Then I added to my rc.config file:
# Normal stuff
network_interfaces="dc0 lo0"
ifconfig_dc0="inet 216.15.83.94 netmask 255.255.255.224"
defaultrouter="216.15.83.65"
hostname="alpha.etiam.net"
sendmail_enable="NO" # Run the sendmail daemon (or NO).
# NAT stuff
natd_enable="YES"
natd_interface="dc0"
ifconfig_dc0_alias0="inet 192.168.1.1 netmask 255.255.0.0"
natd_flags="-redirect_address 192.168.1.1 216.15.83.94"
# Firewall stuff.
firewall_enable="YES"
firewall_quiet="NO"
firewall_type="OPEN"
gateway_enable="YES"
tcp_extensions="YES"
##################################################################
To sum things up, there's definatly a strange problem with FreeBSD 4.0
which doesn't exist in pre-4.0 FreeBSD, but there's an easy workaround,
so this problem isn't really a big issue.
What's a big issue is the fact that it was extremely difficult to
diagnose the problem. I'm posting this followup in order to help
others who might want to have the same or similar setup resolve
their problems more efficiently.
(setup: Firewall, NAT, Apache, Name Virtual Hosts)
Terje Oseberg
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at
http://profiles.msn.com.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009071920.MAA92105>