On Tue, 31 Aug 2004 09:09:20 +1200, C. Falconer
<cfalconer at avonside dot school dot nz> wrote:
> I've had a response from my ISP - they will not provide a second public IP
> on the cablemodem. I would have to get a second connection, cablemodem,
> monthly fee, etc, which I can't afford.
> So now I have fewer options. Having both criggie.dyndns.org and
> shell.canterbury.lug.org.nz resolve to 220.127.116.11 is easy. Can anything
> do server NAT based on the hostname asked for? I think not.
You can use Apache's reverse proxy feature to do what you mention, not
on m0n0wall, but on whatever server you open up port 80 to.
> I could simply use a bunch of other ports for services, so that ssh is on
> port 27 and so on. However that probably won't look good for web pages.
> Can m0n0wall and apache handle it by having a VirtualHost section then
> redirecting to a different internal IP?
Apache's reverse proxy will do what you describe. Alternatively, you
could set up one box on port 80 with virtualhosts using host headers,
and put appropriate redirects to other port numbers. i.e.
http://shell.canterbury.lug.org.nz would go to the box with port 80
and the virtualhost setup, then if you want to run that web server on
another box, you could set up a redirect to send it to
http://criggie.dyndns.org:81 or whatever.
The reverse proxy is probably the best way to do this. The above is a
hack, but it would work.
> Likewise the MTA will need to know how to do similar funky things.
Not really. If you want several different mail servers for different
domains, I would set up a SMTP relay to forward the mail to the LAN IP
of the server for that domain. You can do this easily with Qmail's
smtproutes, and I have a couple servers set up with Postfix doing a
similar task though I don't remember the config option used offhand.
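
The reverse proxy setup suggested in the reply above, as an added example that is not part of the original message: an Apache 2.4 name-based virtual host configuration using mod_proxy and mod_proxy_http. The hostnames are the two from the thread; the LAN addresses 192.168.1.10 and 192.168.1.20 and the placeholder name default.invalid are assumptions.

```apache
# Added example, not from the original thread.
# Requires mod_proxy and mod_proxy_http to be loaded.
# 192.168.1.10 and 192.168.1.20 are assumed LAN addresses of the backend boxes.

# Reverse proxy only: never act as a forward proxy for arbitrary clients.
ProxyRequests Off

# The first vhost is the default for any Host header that matches nothing
# below. Refuse those requests instead of forwarding them to an internal box.
<VirtualHost *:80>
    ServerName default.invalid
    <Location "/">
        Require all denied
    </Location>
</VirtualHost>

# Requests for criggie.dyndns.org go to the first internal web server.
<VirtualHost *:80>
    ServerName criggie.dyndns.org
    # Pass the original Host header through so the backend can pick
    # its own virtual host and generate correct links.
    ProxyPreserveHost On
    ProxyPass        "/" "http://192.168.1.10/"
    # Rewrite backend redirects that leak the internal address.
    ProxyPassReverse "/" "http://192.168.1.10/"
</VirtualHost>

# Requests for shell.canterbury.lug.org.nz go to the second internal box.
<VirtualHost *:80>
    ServerName shell.canterbury.lug.org.nz
    ProxyPreserveHost On
    ProxyPass        "/" "http://192.168.1.20/"
    ProxyPassReverse "/" "http://192.168.1.20/"
</VirtualHost>
```

Only port 80 on the proxy box needs to be forwarded from the firewall; the backend web servers stay reachable from the LAN only.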