iptables - Multiple IP's, only one is IP Prerouting correctly

Question

I am trying to redirect all requests on port 80 to port 9000 across all my IP's

I have 1 server hosting several IP addresses on eth0. For the sake of my problem, lets say they all use apache to listen to port 9000

Only the primary IP address (.106) is working correctly and redirecting traffic

Chain PREROUTING (policy ACCEPT 2132 packets, 256K bytes)
 pkts bytes target     prot opt in     out     source               destination
  128  7236 REDIRECT   tcp  --  eth0   *       0.0.0.0/0            173.234.60.106      tcp dpt:80 redir ports 9000
  151  8624 REDIRECT   tcp  --  eth0   *       0.0.0.0/0            173.234.60.107      tcp dpt:80 redir ports 9000

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1       21  1574 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:9000

Everything else that is listening on 173.234.60.107:9000 (or any other ip) in my Virtual Host config is redirecting to the default /var/www/index.html page

Examples: www.tiprocker.com - ip .106 -> successfully connects and redirects to ssl mvmdesign.org - ip .107 -> default page

Is there something specific that occurs when working with multiple IP's on a single server instance? I alse tried redirecting on an altogether different IP, all traffic from 80 to 9001 using nodejs, and in that case I get a page not found, so something with iptables doesn't seem to be functioning correctly for me.

Edit: Here is some additional info on my apache configs

httpd.conf https://gist.github.com/maruf89/8f162b49addc5dc49902

// separate file
NameVirtualHost 173.234.60.106:9000
NameVirtualHost 173.234.60.106:443
NameVirtualHost 173.234.60.107:9000
NameVirtualHost 173.234.60.107:443

mvmdesign.org vhost file https://gist.github.com/maruf89/363b6edd111834ad78bb

Well there are packets that are hitting your REDIRECT rule for `173.234.60.107`. The fact that you are getting the default page is telling you that the rule is working. If the rule wasn't working you would probably get a destination unreachable or something. Are you sure your problem isn't related to your apache Virtual host configuration? — Zoredache, Dec 23 '13 at 20:35

score 3 · Accepted Answer · answered Dec 23 '13 at 20:34

3

If the default page is shown the redirect works (as you can also see since the bytes and packet counters are >0), this is a configuration issue in Apache.

answered Dec 23 '13 at 20:34

Teun Vink

1,837
11
14

Any idea why they would be directing to the default pages instead of the virtual host directed page? – Maruf Dec 23 '13 at 21:36
Not without relevant parts of your Apache configuration (Listen directives, vhost configuration) – Teun Vink Dec 23 '13 at 21:50
Added my config files – Maruf Dec 23 '13 at 22:16

iptables - Multiple IP's, only one is IP Prerouting correctly

1 Answers1