Problems Forwarding Port 80 to external host
Justin Michael
jmichael@web3.fibercitynetworks.net
Wed, 23 Jan 2002 15:33:28 -0500
On Wed, Jan 23, 2002 at 01:08:15PM -0600, Ben Shellrude wrote:
> Hello,
> I'm just curious if this is possible.
> I have a firewall that performs NAT and portforwarding for an internal
> webserver. The idea is to use some code to check that the internal server
> is up and running, and if not, to redirect the requests to another host...
> However, this secondary host is not located internally or even on the same
> network segment as the gateway. I have not been able to find any help on
> forwarding port 80 to an external host. I'm just curious if any one can
> lend me a hand in trying to solve this issue?
This is a kludge, but when things are broken, you kludge stuff to hold it together
until you can resolve the problem, right? It may not work, but it did work
for someone else.
You could write a script that check http on your internal server. In the event
it fails, you could add these two rules:
iptables -t nat -I PREROUTING -d <brokenserverexternal> -j DNAT --to <workingserverexternal>
iptables -t nat -I POSTROUTING -d <workingserverexternal> -j MASQUERADE
--j