Reverse Proxy FTP traffic
I was wondering if anyone knew of a reverse proxy server to reverse proxy ftp traffic. I would like to run many servers on ip address, but then pass the traffic to an internal server with its own ip address. Thank you for any suggestions.
There are several ways to solve this problem. I like this setup:
+-------------+
| Gateway |
| NAT/Router |
| 216... |
+--+---+------+
| |
+-- FTP ports --+ |
| |
| Web ports
| |
+----+--------+ +----+---------+
| VM2 - FTP | | VM1 - web |
| 192...2 | | 192...1 |
| mounts | | mounts |
| /www | | /www |
+-------------+ +--+--------+--+
| |
dom1 app proxy |
| |
| dom2 app proxy
| |
| |
+---------+---+ +--+----------+
| VM3 - dom1 | | VM4 - dom2 |
| 192...3 | | 192...4 |
| mounts | | mounts |
| /www/dom1 | | /www/dom2 |
+-------------+ +-------------+
The idea is that the gateway uses NAT and port-forwards the web and ftp requests to their respective VM's. The Web and FTP VM's use virtualhosts to manage the specific subfolders of /www based on requested domain. Then the web server proxies the dynamic content requests back the per-domain application VM's which only have access to their own sub-directory. There is also no reason you can't have the web server serving WebDAV as well.
We currently use JFTPGW - http://www.mcknight.de/jftpgw/
It has worked very well for us so far.
Here's the relevant section from my jftpgw config:
<global>
forward *@192.168.0.xx
reverselookups yes
syslogfacility daemon
commandtimeout 300
transparent-proxy off
forwardlookups yes
dnslookups no