Using Apache as proxy in port-forwarding role (inward to misbehaving NATted devices)

Philip Prindeville philipp_subx at redfish-solutions.com
Tue Jun 17 01:23:31 UTC 2008


Howdy.

I have a machine with a couple of NIC's that is both my firewall and 
HTTP server.  It's running FC8.

It has Apache installed on it.

Behind the firewall, are various devices and servers.  All of the 
devices on my LAN are NATted using an unroutable address.

One of the devices is an embedded controller of sorts that has an 
extremely poorly written web server.

I can't simply port-forward (using iptables) a port (other than 80) to 
this embedded controller, because it generates URL's that look like 
"http://192.168.0.5/..." and it's very broken in that respect.  But I 
need to be able to browse this server, even when off the local LAN.  I'd 
use VPN, except not all of our devices (including cellphones) support 
our VPN capabilities.

So I was thinking about writing a CGI that grabs pages from this device, 
parses them, and then does URL fix-up so that the URL's work when 
accessed on the HTTP server/firewall using the public address (and name 
that resolves to that address).

Anyone have any pointers/examples to get me started that might save some 
time?

Thanks,

-Philip




More information about the fedora-list mailing list