DNAT issue (with added network diagram)


Problem:

Two different applications that need to be accessible on port 443 on one host with 1 ip address. Apache already runs on the destination machine and uses port 443.

Partial solution:

1. Change DNS to tell the client to connect to another host, and
2. use another host that is not running anything on port 443 to receive and forward the connections using a "-j DNAT --to-destination" rule.

But:

What happens when a client on the destination also needs to connect and looks up the service in DNS? It connects out and is DNAT'ed back to itself.

A quick diagram:

http://docs.google.com/drawings/pub?id=1dxCOw8wbAhyuz7z1-ukJfmKOHcymsqN6YTRCjrTh_MY&w=1440&h=1080

My question is what DNAT or SNAT rules do we need to add to cave or to maar so that remote *and local (originating from cave)* clients can make xmpp connections on 443 and end up on cave:5222?

S.

--
Simon Tennant

+44 20 7043 6756 (UK - office)
+49 17 8545 0880 (Germany - mobile)
+49 89 4209 55854 (Germany - office)
skype: simontennant
xmpp: simon@xxxxxxxxxxxxxx

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
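The following is an added example, not part of Simon's post or a reply from the list, showing the two usual ways to handle the hairpin he describes. The host addresses are assumptions (maar = 192.0.2.10 is the forwarder, cave = 192.0.2.20 runs Apache on 443 and the XMPP server on 5222), and the script prints the iptables commands unless DRY_RUN=0 is set. The problem with the plain PREROUTING DNAT is that when cave connects to maar:443, the translated packet arrives at cave with cave's own source address; cave then answers itself directly, bypassing maar, so the client sees a reply from cave:5222 rather than maar:443 and resets the connection. Adding a POSTROUTING SNAT on maar, restricted to that one source, forces the reply back through maar, where conntrack reverses both translations; alternatively, a nat OUTPUT rule on cave itself redirects locally generated connections before they ever leave the host.

```shell
#!/bin/sh
# Added example for the DNAT hairpin described in the post above.
# Addresses are assumptions: maar = 192.0.2.10 (forwarder), cave = 192.0.2.20
# (Apache on 443, XMPP on 5222). These are not the poster's own rules.
set -eu

MAAR_IP="${MAAR_IP:-192.0.2.10}"
CAVE_IP="${CAVE_IP:-192.0.2.20}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the commands, 0 = execute them (needs root)

# Print or execute a command, depending on DRY_RUN.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Rules on maar. The PREROUTING DNAT is the poster's partial solution. The
# POSTROUTING SNAT is the hairpin fix: for connections that come from cave
# and are DNATed back to cave, rewrite the source to maar so cave's reply
# returns via maar and conntrack can undo both translations. Limiting the
# SNAT to "-s $CAVE_IP" keeps real client addresses visible to the XMPP
# server for everyone else.
maar_rules() {
    run sysctl -w net.ipv4.ip_forward=1
    run iptables -t nat -A PREROUTING -d "$MAAR_IP" -p tcp --dport 443 \
        -j DNAT --to-destination "$CAVE_IP:5222"
    run iptables -t nat -A POSTROUTING -s "$CAVE_IP" -d "$CAVE_IP" \
        -p tcp --dport 5222 -j SNAT --to-source "$MAAR_IP"
    # Forwarding policy: only the translated XMPP flow and its replies.
    run iptables -A FORWARD -d "$CAVE_IP" -p tcp --dport 5222 \
        -m conntrack --ctstate NEW -j ACCEPT
    run iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

# Alternative applied on cave instead: the nat OUTPUT chain only sees locally
# generated packets, so this rewrites cave's own connections to maar:443
# straight to the local XMPP port and leaves remote clients untouched.
cave_rules() {
    run iptables -t nat -A OUTPUT -d "$MAAR_IP" -p tcp --dport 443 \
        -j DNAT --to-destination "$CAVE_IP:5222"
}

case "${1:-}" in
    maar) maar_rules ;;
    cave) cave_rules ;;
    *) echo "usage: DRY_RUN=0 $0 maar|cave" >&2 ;;
esac
```

Run `DRY_RUN=0 ./hairpin.sh maar` on the forwarder, or `DRY_RUN=0 ./hairpin.sh cave` on the destination; the OUTPUT-chain variant is the simpler of the two when the only local client is cave itself, since it needs no SNAT and no forwarding changes on maar. On kernels too old for the conntrack match, `-m state --state` takes the same state names. Either way, check the result with `iptables -t nat -L -n -v` and `conntrack -L` while a local client connects, and make the rules persistent with iptables-save rather than re-appending them.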
