On Sun, Jun 04, 2006 at 11:45:15AM +0200, Dirk Meyer wrote: > To allow diifrent "named" Services on one WAN IP, > you need to do this in the server application. > > Vsftpd and apache do support "Virtual Hosts" > so you can map HTTP and FTP services on > the name used by the client to access this IP. You can of run a single httpd on your main IP, and use this to proxy different virtual hosts to different (private) IPs which are in the jails, if you want each client to run their own http daemon. However, this means that the jail httpd's will see all incoming requests coming from your own IP. In order for logs and access controls to work properly, install mod_extract_forwarded on the clients' httpd servers, and AddAcceptForwarder x.x.x.x where x.x.x.x is the main server's IP. This is just for httpd though. There are many other services which can't be virtualised in this way, such ftp and ssh. If you want your clients to have these services, but sharing a single IP, then you can either run a single instance of the daemon which uses the login username to distinguish between them, or you can run multiple instances of the daemon on different ports. You can use redirection (e.g. with pf) to redirect, say, x.x.x.x:10022 to 192.168.0.1:22 HTH, Brian.Received on Mon Jun 05 2006 - 05:55:07 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:56 UTC