Host -> jail -> host - BAD GATEWAY

Im using FreeBSD and jails. I have my postfix on host, and main http
server in jail.

When I set in jail (192.168.1.2):

server {
<------>listen 80;
<------>server_name www.poczta.a.org poczta.a.org;
<------>access_log /var/log/nginx/poczta.a.org-access.log;

<------>location / {
<------><------> proxy_pass http://188.212.129.X;
<------><------> proxy_set_header X-Real-IP $remote_addr;
<------><------> proxy_set_header Host $http_host;
<------>}
}

188.212.129.X it is my host IP.

I must set nginx on host, because without this my www mail client
(roundcube) dont working. I cant install postfix in jail. How to fix it?

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,148117,148117#msg-148117

On Fri, Nov 5, 2010 at 1:11 PM, dong [email protected] wrote:

Im using FreeBSD and jails. I have my postfix on host, and main http
server in jail.

why bother with a jail maybe? :stuck_out_tongue:

I cant install postfix in jail… its problem :slight_smile:

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,148117,148122#msg-148122

yes - don’t use jails at all. nginx is pretty secure, as is postfix…
:stuck_out_tongue:

of course.

2010/11/5 Jérôme Loyet [email protected]:

2010/11/5 Michael S. [email protected]:

yes - don’t use jails at all. nginx is pretty secure, as is postfix… :stuck_out_tongue:

yes until a security hole is discovered …

Anybody have other idea? :slight_smile:

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,148117,148135#msg-148135

On Fri, 2010-11-05 at 16:11 -0400, dong wrote:

<------>location / {
<------><------> proxy_pass http://188.212.129.X;
<------><------> proxy_set_header X-Real-IP $remote_addr;
<------><------> proxy_set_header Host $http_host;
<------>}
}

188.212.129.X it is my host IP.

I’m not too familiar with BSD or BSD jails, but it sounds like a network
configuration issue rather than an Nginx issue. I’d first make sure
that 188.212.129.X is actually reachable from inside the jail. Then
make sure that whatever you are proxying to on the public IP is actually
listening there on port 80. Then make sure you aren’t filtering
packets to that 188.212.129.X:80 or that you at least have an exception
for 192.168.1.2.

Overall, I’m pretty confused as to what you are trying to accomplish by
proxying from a jail with a private IP address to a service that
apparently resides on a public IP address, since you could simply bypass
the proxy and access the public IP directly.

Cliff


Cliff W. [email protected]

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs