[clug] Apache internal n/w Redirect/proxy clues

Ben Coughlan ben.coughlan at gmail.com
Thu Jul 29 23:56:20 MDT 2010


Indeed you can. The basics revolve around the ProxyPass and ProxyPassRevere directives.  Once you have mod_proxy(_http) installed you just add these where you want to proxy-ing to happen, eg:

<VirtualHost *:80>

    ....

    ProxyPass    /internal/    http://10.0.0.2/
    ProxyPassReverse    /internal/    http://10.0.0.2/

    ....

</VirtualHost>

Will forward the requests to 10.0.0.2.  Note that trailing slashes are important.

The trickiest part is aligning the context roots of the internal service with the path they are accessed externally, 

ie. http://www.example.com/int1 -> http://10.0.0.2/

Might not give the results you expect, missing style-sheets for example.  The easiest way to avoid this is to have separate VirtualHosts for each of you proxied services.  But I'll leave that for if you actually have problems.

The relevant docco can be found here

http://httpd.apache.org/docs/2.0/mod/mod_proxy.html

Let me know if you have any issues with you particular setup.  Some services are easier to proxy than others.  This has been my bread and butter for the last 6 months :)

Ben Coughlan

On 30/07/2010, at 3:32 PM, Neil Pickford wrote:

> Hello
> 
> I use a Linux machine as my Internet gateway, Apache web server, mail server and NAT router for the rest of the machines in my home network.
> I have a couple of other web servers on the internal (NATed) network that I want to access from the Internet side.
> 
> I have been doing this using masquerading and port forwarding using obscure high port numbers, and although this is working recent changes to my work firewall are now blocking the ports I have been using, so it no longer functions from where I most often use it :(
> 
>                                    |----House Web Server (Apache)
> Internet ----- Gateway/WWW/NAT -----|----TV Web Scheduler (Java/IIS)
>               happy.emu.id.au      |----Windows XP Clients
> 
> Rather than port scanning the work firewall to find another couple of open ports to use (there may now be none), I was wondering if I could denote a folder in the website on the gateway machine and use the gateway web server to proxy the web pages from the other machines (as it can see all the required machines {house & wstv}).
> 
> This is sort of like a redirect, however the external web browser will not be able to see the referenced internal machine directly so the typical web redirect where the external browser gets the page will not work.
> 
> Is there a way I can tell Apache to alias/proxy certain folders to the internal machines.  In this way I can use the standard port 80 web interaction which will work through the work firewall?
> 
> I am sure there must be a method to do this, have tried looking this up but as I don't know what the method is called I cannot find first base on how to do it.
> 
> Any pointers / clues would be much appreciated.
> 
> Neil Pickford
> -- 
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux



More information about the linux mailing list