Double question: Apache mod_proxy and force connection over specific interface
Double question here ... Running on Debian Etch and Apache 2.0
1) Using mod_proxy and/or mod_proxy_http in apache 2.0.
The basics of using mod_proxy are pretty simple so long as you're using a static config. I'm trying to figure out how to do it dynamically - that is, allow the entry of a url via a form and proxy THAT url ...
Code:
ProxyPass /foo http://foo.example.com/bar
ProxyPassReverse /foo http://foo.example.com/bar
^^^^^^^^^^^^^^^^^^^^^^^^^^
This needs to be entered via form
This would be a simple page that has a drop-down list to select the outgoing interface (see part 2) and box to enter a url. Clicking the button would fetch the url using the selected interface.
2) Force a mod_proxy outgoing connection to use a specific local interface (eth0:1, eth0:2 and so on) each with its own IP address/network.
The local box this would be on would have several IP addresses configured via aliases. The form selection would allow the redirection/proxy to go out over a specific interface/address. This would let us validate the traffic paths and let the target site customize the content to the incoming source IP address.
Any ideas as to where to look to figure this out ?
2) Force a mod_proxy outgoing connection to use a specific local interface (eth0:1, eth0:2 and so on) each with its own IP address/network.
The local box this would be on would have several IP addresses configured via aliases. The form selection would allow the redirection/proxy to go out over a specific interface/address. This would let us validate the traffic paths and let the target site customize the content to the incoming source IP address.
If you create several virtual NICs as above, you can use destination specific routing to choose which interface to use. It's not quite what you've asked for but could be sufficient?
If you create several virtual NICs as above, you can use destination specific routing to choose which interface to use. It's not quite what you've asked for but could be sufficient?
Thanks, but that won't work The problem is that the remote URL can be anything, so you can't have any specific source routing in place.
I wonder if using wget or something which allows specification of the local IP address could come into play ? Since we know the local IP to use (from the form) we can craft a command-line wget to go grab the URL.
Hrm, how then to pass it back up the chain to the original requesting client browser ?
Your discription of what you want is not really very clear, but from what I understand of it.
Create N virtual hosts in Apache, each running on a specific ipaddress. Use mod_proxy + mod_rewrite with [P] directives on each to give you the dynamic proxying. Configure mod_proxy and mod_rewrite to proxy the primary webpage to the secondary proxy on the virtual hosts, via a base directory for each one.
Your discription of what you want is not really very clear, but from what I understand of it.
Create N virtual hosts in Apache, each running on a specific ipaddress. Use mod_proxy + mod_rewrite with [P] directives on each to give you the dynamic proxying.
Could you give an example ? As far as I can tell, mod_proxy uses static config lines - how do you make that dynamic based on what the client browser enters in the URL field of the base page ? See below ...
Quote:
Originally Posted by reborg
Configure mod_proxy and mod_rewrite to proxy the primary webpage to the secondary proxy on the virtual hosts, via a base directory for each one.
Secondary proxy ?
Let's say we have a really simple system set up, with 3 IP addresses :
eth0:1 is 10.0.1.1
eth0:2 is 10.0.2.1
eth0:3 is 10.0.3.1
I want a very simple basic page, with a pulldown list of the 3 IP addresses/interfaces, and an entry box to enter in a URL. The client browser selects eth0:1/10.0.1.1 and enters http://www.mydomain.com/testing into the entry field (could be any URL - that's key).
Apache then fetches http://www.mydomain.com/testing using 10.0.1.1 as the source IP address and presents back up to the client browser. mydomain.com thinks that the browser is actually coming from 10.0.1.1.
Hi..
I have very limited knowledge on LDAP and its configuration and but I have been trying to figure out one issue that takes place when I am running the program that is written in php, but so far its unsuccessful.
The server, I am working on is ldap server, which is running on Apache. After... (1 Reply)
Hi.
Can you please help me with a routing problem?
There are 2 networks:
192.168.10.0/24 (eth0)
192.168.11.0/24 (eth0:1)
The default gateway is 192.168.10.1
iPv4 routing is already enabled and working.
With vpnc I've built up an VPN connection and can access my home network... (0 Replies)
I have the following setup in my apache vhost:
ProxyPass /abc http://www.newest.com/
ProxyPassReverse /abc http://www.newest.com/
I want to setup a failover approach in which if after a particular timeout say 10secs the load shifts to some other website like Refer.com | The world. The timeout... (0 Replies)
Hi all,
I encounter some problem with my e1000g interface running on sol 10. I can't permanently change the auto-nego to disable, if i use ndd commands, it will only stay until the next reboot.
But i can't change the link speed either is set to /etc/init.d/nddconfig or using ndd commands.
... (1 Reply)
I am using Apache 2.2.3 on RHEL5 and having problems to get mod_deflate work with mod_proxy. mod_deflate will compress files by mime-type just fine as long as those files are served statically from the local server. However, files served via dynamic php application (ie, MediaWiki) or via... (2 Replies)
Hi,
I'm trying find out if there is a way to stop a brute force attack on a Webmail site. I'm trying to setup a webmail access, but I would like to prevent too many invalid logins from the same IP.
I've looked into Snort, but I was wondering if there was an application level firewall that can... (1 Reply)
My company has a private network, including a Apache web server (Linux) and some WinXP machines. The web server had been configured to use mod_proxy to connect to window update site via another company proxy server. It works for few years.
Recently, some parties had setup a DNS server on the... (2 Replies)
I am calling a Perl script that uses Net::FTP; from Oracle's Concurrent Request Manager and it fails becuase Oracle's version of Perl doesn't include the NET::FTP library's. The AIX box the script runs on has Perl installed with the needed library's, does anyone know how I can force my script to... (1 Reply)
01-07-2008
The problem is that the remote URL can be anything, so you can't have any specific source routing in place.