From: Tim Perton <grpanosgr@yahoo.com>
To: netfilter@lists.netfilter.org
Subject: RE: iptables: hide the real web server from users
Date: Wed, 14 Feb 2007 07:44:17 -0800 (PST) [thread overview]
Message-ID: <176687.44934.qm@web33313.mail.mud.yahoo.com> (raw)
In-Reply-To: <A78C6C481BFAE949BC5990E1EEB2FE12595D@q.LeBlancNet.us>
Thank you all for your quick reply.
Ok for web traffic squid is fine.
But if I have a binary socket input/output thread and
want to pass them transparently between the user and
System B through System A, i think that only iptables
can do that in tcp layer.
Any ideas on this?
Tim
--- Robert LeBlanc <robert@leblancnet.us> wrote:
> Squid would also do this for you.
>
> Robert LeBlanc
>
> > -----Original Message-----
> > From: netfilter-bounces@lists.netfilter.org
> [mailto:netfilter-
> > bounces@lists.netfilter.org] On Behalf Of Rodrigo
> Montoro (Sp0oKeR)
> > Sent: Wednesday, February 14, 2007 6:08 AM
> > To: Tim Perton
> > Cc: netfilter@lists.netfilter.org
> > Subject: Re: iptables: hide the real web server
> from users
> >
> > I don' t think iptables is your best option for
> that.
> > Try mod_security, mod_rewrite or apache proxy .
> >
> > Regards,
> >
> > On 2/14/07, Tim Perton <grpanosgr@yahoo.com>
> wrote:
> > > Dear friends,
> > > I have a web server running on system B. I run
> my main
> > > services to System B but I do not want my users
> to
> > > talk to system B directly.
> > > So I have another server (System A) in a
> differrent
> > > ISP & a completely different C class IP address
> like
> > > below:
> > >
> > > -----------------------------
> > > --- System A (IP=a.b.c.d) ---
> > > -----------------------------
> > >
> > > -----------------------------
> > > --- System B (IP=e.f.g.h) ---
> > > -----------------------------
> > >
> > > System A runs iptables(redhat EL4).
> > >
> > > I want my users to do a request like
> > > http://a.b.c.d/1.php and then machine A to make
> the
> > > same request to System B, get the results and
> send
> > > them back to the user transparently.
> > > Practically System A to act as an intermediatery
> to
> > > the real machine (System B).
> > >
> > > Any idea on how to do this?
> > >
> > > Regards,
> > > Tim Perton
> > >
> > >
> > >
> > >
> >
>
________________________________________________________________________
> __
> > __________
> > > Food fight? Enjoy some healthy debate
> > > in the Yahoo! Answers Food & Drink Q&A.
> > >
>
http://answers.yahoo.com/dir/?link=list&sid=396545367
> > >
> > >
> >
> >
> > --
> > =====================
> > Rodrigo Ribeiro Montoro
> > Desenvolvedor BRMAlinux
> > spooker@brc.com.br
> > RHCE/LPIC-I
> > =====================
>
>
>
____________________________________________________________________________________
Sucker-punch spam with award-winning protection.
Try the free Yahoo! Mail Beta.
http://advision.webevents.yahoo.com/mailbeta/features_spam.html
next prev parent reply other threads:[~2007-02-14 15:44 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-02-14 12:53 iptables: hide the real web server from users Tim Perton
2007-02-14 13:08 ` Rodrigo Montoro (Sp0oKeR)
2007-02-14 14:40 ` Rob Sterenborg
2007-02-14 14:43 ` Robert LeBlanc
2007-02-14 15:44 ` Tim Perton [this message]
2007-02-23 11:05 ` Martijn Lievaart
2007-02-14 15:42 ` Grant Taylor
2007-02-14 16:36 ` Tim Perton
2007-02-14 17:59 ` Grant Taylor
2007-02-15 14:28 ` Tim Perton
2007-02-15 15:08 ` Pascal Hambourg
2007-02-15 10:55 ` Pascal Hambourg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=176687.44934.qm@web33313.mail.mud.yahoo.com \
--to=grpanosgr@yahoo.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.