All of lore.kernel.org
 help / color / mirror / Atom feed
From: KSCOTT9@triad.rr.com
To: netfilter@lists.netfilter.org
Subject: "stand-alone" web server
Date: Tue, 11 Jul 2006 16:30:56 -0400	[thread overview]
Message-ID: <c39d9d00714b2.714b2c39d9d00@southeast.rr.com> (raw)

I am trying to set up a "stand-alone" internet lab environment where my
web server will be on the internet side of a router serving up a
training website. The clients will only be able to access those web
pages, not the "Real" internet. It would best if users were routed to
that web page regardless of whatever internet address they entered
(except for server management screens). I'm thinking the following:

Requested website //  Destination page served up
cnn.com           //    myserver/index.html
whatever.com      //    myserver/index.html
myserver:8081     //    myserver/management.html
cnn.com:8081      //    myserver/management.html

I'm think maybe appropriate entry(s) in iptables will do this but I am
not quite sure how to proceed. I think I need something like:

iptables -A PREROUTING  -p tcp -dport 80 -j REDIRECT --to-ports 80     
  # web server
iptables -A PREROUTING  -p tcp -dport 8081 -j REDIRECT --to-ports 8081 
  # mgmt server
The two server need to be configured to answer on those ports 

or  maybe
# let only appweb answer normal port 80 traffic
 iptables -A INPUT -p tcp --dport 80 ! --uid-owner appweb -j REJECT
--reject -with -tcp-reset 

Am I close?  Thanks 
Ken



             reply	other threads:[~2006-07-11 20:30 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-07-11 20:30 KSCOTT9 [this message]
2006-07-11 21:19 ` "stand-alone" web server Taylor, Grant
2006-07-12 14:33 ` Martijn Lievaart

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=c39d9d00714b2.714b2c39d9d00@southeast.rr.com \
    --to=kscott9@triad.rr.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.