On 01/13/07 10:11, Jan Engelhardt wrote:
> Only if www.domain.com has a distinct ip address from dl.domain.com. If that does not hold true, use Apache's mod_rewrite magic, because then you are actually working on l7 rather than l3.
I'm not sure that mod_rewrite by itself will provide that much help. If you use mod_proxy, possibly in conjunction with mod_rewrite, you can configure a virtual domain of Apache to be a reverse proxy. Thus when a client connects to Apache on 80 asking for a virtual domain, Apache will then go and ask thttpd for the contents on behalf of the client. This will mean that the clients will never have to choose a different port. If you need help with such, email me directly as this is not really a Netfilter issue.
Regarding L7 filter, it may work, but you would have to make sure that the returning traffic was un-redirected. If you do not un-redirect the traffic, there is a very good chance that clients will see returning traffic directly from the thttpd server on port 81, thus the client's firewall and / or client IP stack will stop the connection.
Grant. . . .
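
The reverse-proxy arrangement described in the message above, as an added example that is not part of the original post. It assumes thttpd is bound to 127.0.0.1 on port 81 on the same host and that both names resolve to the Apache server's single address; the hostnames are the placeholders used in the thread.

```apache
# Modules needed for HTTP reverse proxying (paths are distribution-specific).
LoadModule proxy_module      modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so

# Never act as a forward proxy: with this On, anyone reaching port 80
# could relay arbitrary requests through the server.
ProxyRequests Off

# Ordinary site, served by Apache itself.
<VirtualHost *:80>
    ServerName www.domain.com
    DocumentRoot /var/www/html
</VirtualHost>

# Download site: same IP address and port, selected by the Host header (L7).
<VirtualHost *:80>
    ServerName dl.domain.com

    # Pass the original Host header through so thttpd sees dl.domain.com.
    ProxyPreserveHost On

    # Apache fetches the content from thttpd on behalf of the client.
    # Assumption: thttpd listens only on loopback, port 81.
    ProxyPass        / http://127.0.0.1:81/
    # Rewrite Location headers in redirects so clients are never
    # pointed at port 81 directly.
    ProxyPassReverse / http://127.0.0.1:81/
</VirtualHost>
```

Because replies leave from Apache on port 80, the client only ever sees the address and port it connected to, which avoids the un-redirected return traffic problem. With thttpd bound to loopback, port 81 does not need to be reachable from outside at all.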