Sunday, 1 March 2015

Iptables can't forward from/to internal LAN with proxmox


I have a host with Proxmox with a single public IP and some virtual machines installed with webservers and multiple domains. The first VM is a proxy with haproxy that forwards requests to the other VMs, and on the Proxmox host I have this iptables script:



iptables -F
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22100 -j DNAT --to-destination 192.168.1.100:22
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.100:80
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 192.168.1.100:443
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22101 -j DNAT --to-destination 192.168.1.101:22
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22102 -j DNAT --to-destination 192.168.1.102:22
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22103 -j DNAT --to-destination 192.168.1.103:22
iptables-save > /etc/iptables.rules


The internal LAN is 192.168.1.0, the interface eth0 has the public IP, the proxy is 192.168.1.100 and the other machines are 101, 102, 103, etc.


In another VM I have installed a website that works if I connect from outside; however, if I run curl www.mydomain.com from the same VM I get curl: (7) Failed connect to www.mydomain.com:80; Connection refused. I think it is a problem with iptables.
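The DNAT rules in the script match only packets arriving on eth0, so a request sent from a VM on the internal LAN to the public address is never redirected to the proxy. As an added example (not part of the original post), the script below derives hairpin NAT rules from the post's own DNAT rules; the public IP 203.0.113.10 is a placeholder assumption and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: derive hairpin (NAT loopback) rules from the post's DNAT rules.
PUBLIC_IP="203.0.113.10"   # assumption: placeholder for the host's public IP
LAN="192.168.1.0/24"       # internal LAN as given in the post

# The six DNAT rules from the post, copied verbatim as sample input.
page_rules() {
cat <<'EOF'
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22100 -j DNAT --to-destination 192.168.1.100:22
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.100:80
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 192.168.1.100:443
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22101 -j DNAT --to-destination 192.168.1.101:22
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22102 -j DNAT --to-destination 192.168.1.102:22
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22103 -j DNAT --to-destination 192.168.1.103:22
EOF
}

# Read iptables commands on stdin. For every DNAT rule, emit a twin that
# matches LAN clients by source and public address instead of by "-i eth0".
hairpin_rules() {
    while read -r line; do
        case "$line" in
            *"-j DNAT"*) ;;
            *) continue ;;
        esac
        dport=$(printf '%s\n' "$line" | sed -n 's/.*--dport \([0-9][0-9]*\).*/\1/p')
        dest=$(printf '%s\n' "$line" | sed -n 's/.*--to-destination \([0-9.:][0-9.:]*\).*/\1/p')
        # Skip rules that carry no port or no target instead of guessing.
        if [ -z "$dport" ] || [ -z "$dest" ]; then continue; fi
        echo "iptables -t nat -A PREROUTING -s $LAN -d $PUBLIC_IP -p tcp --dport $dport -j DNAT --to-destination $dest"
    done
    # Replies must travel back through the host so the DNAT can be reversed.
    # Limiting the match to DNATed connections leaves ordinary VM-to-VM
    # traffic with its real source address.
    echo "iptables -t nat -A POSTROUTING -s $LAN -d $LAN -m conntrack --ctstate DNAT -j MASQUERADE"
}

# Dry run: print the derived rules for review; nothing is applied.
page_rules | hairpin_rules
```

With the MASQUERADE rule in place, the proxy sees hairpinned requests as coming from the Proxmox host's LAN address, so its access logs will not show which VM originated them.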


