目的: 一台redhat linux 6.2 用为防火墙,专线连结chinanet,对内连结局域网段192.168.11.0/24,需要enable php4和mysql数据库,且局域网上有另一台apache服务器192.168.11.2,需要对外部用户提供服务,利用防火墙上编译的apache反向代理和名字虚拟主机的功能来实现
地址: 防火墙外部地址为a.b.c.210,且别名第二个地址为a.b.c.211,内部网卡地址为192.168.11.5,内部lan上的apache服务器为192.168.11.2
实现:
1.下载三个源文件到防火墙机器的/tmp下
apache_1.3.12.tar.gz
mysql-3.22.32.tar.gz
php-4.0.1pl2.tar.gz
2. 在/tmp下分别解开三个文件
# tar xvfz apache*gz
# tar xvfz mysql*gz
# tar xvfz php*gz
3. 进入/tmp/mysql*,编译mysql
#./configure –prefix=/usr/local/mysql
#make
#make install
#scripts/mysql_install_db
#/usr/local/mysql/bin/safe_mysqld &
#/usr/local/mysql/bin/mysqladm -u root password newpassword
4. 进入/tmp/php*,编译php4
#./configure –with-mysql –with-apache=../apche_1.3.12
–enable-track-vars
#make;make install
5. 下载反向代理x-forward-for模块,地址是
http://perl.apache.org/guide/download.html#mod_proxy_add_forward
下载后放该文件mod_proxy_add_forward.c到/tmp/apache_1.3.12/src/modules/
extra/目录下
5.编译apache,加入php4模块 和大多数共享模块库
./configure –prefix=/usr/local/apache
–activate-module=src/modules/php4/libphp4.a
–activate-module=src/modules/extra/mod_proxy_add_forward.c
–enable-module=most –enable-shared=max
6. 拷贝php.ini-dist到其它目录
# cd /tmp/php*
# cp php.ini-dist /usr/local/lib/php.ini
7.编辑/usr/local/apache/conf/httpd.conf中的addtype行
addtype application/x-httpd-php4 .php
8. 编辑/usr/local/apache/conf/httpd.conf中的addmodule行,
把mod_proxy_add_forward放在mod_proxy之前。
9. 在/usr/local/apache/conf/httpd.conf的末尾增加下面的行
namevirtualhost 202.96.240.210
servername host.yourdomain.com
errorlog /var/log/httpd/shopu/error_log
transferlog /var/log/httpd/shopu/access_log
rewriteengine on
rewriterule ^(/.*)$ http://192.168.11.2/$1 [p,l]
#rewritelog /var/log/httpd/shopu/rewrite_log
#rewriteloglevel 9
proxyrequests off
其中rewritelog and rewriteloglevel两行如果去掉注释则帮助查找rewriterule记录