From: "John A. Sullivan III" <jsullivan@opensourcedevel.com>
To: SWAPNIL <postmaster@modular-infotech.com>
Cc: ilugd@lists.linux-delhi.org, netfilter@lists.netfilter.org
Subject: Re: help for iptables
Date: Thu, 21 Jul 2005 07:47:15 -0400 [thread overview]
Message-ID: <1121946435.2645.10.camel@localhost> (raw)
In-Reply-To: <A85D74936A4B4CE196FE8F9CD719976A@mitpl.com>
On Wed, 2005-07-20 at 11:52 +0530, SWAPNIL wrote:
> Dear All,
>
> Please find the link of my network for your reference.
>
> http://downloadftp.modular-infotech.com/common/share/network.gif
>
> My client1 PC and client 2 PC will be connected to the internet using proxy
> and only client 2 pc will be connected to one remote sever or domain or ip
> using iptables.
>
> >From remote location anyone can connect my local web sever through my global
> DNS server
> eg. someone must first connected to my global DNS server for resolving host
> name then he will get routed to my local router and router will connect that
> remote user to my local webserver on any proto and any port.
>
> Also I would like to track each connection session with my websever.
>
> what should I do in such scenario ?
>
> please help me otherwise my job will be in trouble.
>
> Basically I am new in Linux I had tried lot of on iptables rules, but I cant
> achieve final target.
<snip>
I'm a little unsure of what you are trying to accomplish. What do you
mean by "someone must first connect to my global DNS server or resolving
host name then he will get routed to my local router"? Perhaps I don't
understand but that seems strange.
Do you really want to publicly expose any protocol and any port on a
server to the world? That sounds awfully dangerous.
What do you mean my track each connection session with your webserver.
Will simple logging of the connection event be sufficient or do you need
details web server logs?
I'm afraid I will be offline for a couple of days so, if someone else
could jump in to help, that would be much appreciated - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@opensourcedevel.com
If you would like to participate in the development of an open source
enterprise class network security management system, please visit
http://iscs.sourceforge.net
next prev parent reply other threads:[~2005-07-21 11:47 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-07-20 6:22 help for iptables SWAPNIL
2005-07-21 11:47 ` John A. Sullivan III [this message]
-- strict thread matches above, loose matches on Subject: below --
2005-07-21 12:15 SWAPNIL
2005-07-21 13:04 ` Jan Engelhardt
2005-07-20 5:47 help for IPTABLES SWAPNIL
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1121946435.2645.10.camel@localhost \
--to=jsullivan@opensourcedevel.com \
--cc=ilugd@lists.linux-delhi.org \
--cc=netfilter@lists.netfilter.org \
--cc=postmaster@modular-infotech.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox