Date: Wed, 27 Sep 2006 12:28:33 -0500
From: Damian Wiest
To: Chris
Cc: FreeBSD Questions
Subject: Re: rewrite of multiple incoming IPs into a single IP
Message-ID: <20060927172833.GA23474@dfwdamian.vail>

On Tue, Sep 26, 2006 at 06:49:50PM -0700, Chris wrote:
> I have spent the day trying to get multiple IP addresses rewritten to
> a single address using IPFW and NATD. Is there a simple way to do
> this? If I put natd on the public interface, it grabs it and the
> system hangs at boot. Is there an interface for keeping the packets
> local to the system where divert can pass them, natd rewrite them and
> reinsert them into ipfw? The application is what I asked about two
> days ago, funneling multiple external websites on different addresses
> into a single jail that works off Apache's NameVirtualHost. Thought it
> was the easy part but so far it's the only part that is not working,
> the jail and apache work great. I think I need a divert rule that
> goes to an internal interface (tun0?) and be able to start natd on
> that interface. I actually tried tun0 but it was not recognized (I'm
> not configuring for ppp). It would seem that if I can get over this
> hurdle, I could use the redirect_address within natd to perform the
> magic I need.
>
> Please tell me if I'm trying to do something absurd or if this should
> be directed to a different list.
>
> Thanks
> Chris

If I understand your problem correctly, you're trying to host multiple
websites, each with its own IP address, on one server. Why not use IP
aliasing (see ifconfig(8)) with multiple instances of Apache?

For example, in rc.conf add some lines like:

    ifconfig_bge0="inet 208.64.173.114 netmask 255.255.255.0"
    ifconfig_bge0_alias0="inet 208.64.173.116 netmask 255.255.255.0 broadcast 208.64.173.127"
    ifconfig_bge0_alias1="inet 208.64.173.118 netmask 255.255.255.0 broadcast 208.64.173.127"

You'll then need to run an instance of Apache for each IP address. This
assumes that each website's IP is in the same network.

With the setup I've described above, you could also use nat to direct
packets to one of your IPs. From what you've described, I don't see how
you'll ever receive packets addressed for the other IPs since you're not
handling arp.

-Damian