* help for IPTABLES
@ 2005-07-20 5:47 SWAPNIL
0 siblings, 0 replies; 5+ messages in thread
From: SWAPNIL @ 2005-07-20 5:47 UTC (permalink / raw)
To: netfilter
Dear All,
Please find the link of my network for your reference.
http://downloadftp.modular-infotech.com/common/share/network.gif
My client1 PC and client 2 PC will be connected to the internet using proxy
and only client 2 pc will be connected to one remote sever or domain or ip
using iptables.
From remote location anyone can connect my local web sever through my global
DNS server
eg. someone must first connected to my global DNS server for resolving host
name then he will get routed to my local router and router will connect that
remote user to my local webserver on any proto and any port.
Also I would like to track each connection session with my websever.
what should I do in such scenario ?
please help me otherwise my job will be in trouble.
Basically I am new in Linux I had tried lot of on iptables rules, but I cant
achieve final target.
Swapnil K.
System Group
Modular Infotech Pvt. Ltd.
26 Electronic Co-operative Estate,
Pune Satara Road, Pune. 411 009.
Maharshtra. INDIA.
Ph: +91-20-24226612 Ext. 206.
Fax: +91-20-24225896.
E-mail: postmaster@modular-infotech.com
Website: www.modular-infotech.com
^ permalink raw reply [flat|nested] 5+ messages in thread
* help for iptables
@ 2005-07-20 6:22 SWAPNIL
2005-07-21 11:47 ` John A. Sullivan III
0 siblings, 1 reply; 5+ messages in thread
From: SWAPNIL @ 2005-07-20 6:22 UTC (permalink / raw)
To: netfilter-wool9L35kiczKOhml7GhPkB+6BGkLq7r
Cc: ilugd-cunTk1MwBs8/MmOfgqcDl+ys7Bb73OIl
Dear All,
Please find the link of my network for your reference.
http://downloadftp.modular-infotech.com/common/share/network.gif
My client1 PC and client 2 PC will be connected to the internet using proxy
and only client 2 pc will be connected to one remote sever or domain or ip
using iptables.
From remote location anyone can connect my local web sever through my global
DNS server
eg. someone must first connected to my global DNS server for resolving host
name then he will get routed to my local router and router will connect that
remote user to my local webserver on any proto and any port.
Also I would like to track each connection session with my websever.
what should I do in such scenario ?
please help me otherwise my job will be in trouble.
Basically I am new in Linux I had tried lot of on iptables rules, but I cant
achieve final target.
Swapnil K.
System Group
Modular Infotech Pvt. Ltd.
26 Electronic Co-operative Estate,
Pune Satara Road, Pune. 411 009.
Maharshtra. INDIA.
Ph: +91-20-24226612 Ext. 206.
Fax: +91-20-24225896.
E-mail: postmaster-7q9UKRfBbZqkPPdVYLq4elaTQe2KTcn/@public.gmane.org
Website: www.modular-infotech.com
_______________________________________________
ilugd mailinglist -- ilugd-cunTk1MwBs8/MmOfgqcDl+ys7Bb73OIl@public.gmane.org
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd-cunTk1MwBs8/MmOfgqcDl+ys7Bb73OIl@public.gmane.org/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: help for iptables
2005-07-20 6:22 help for iptables SWAPNIL
@ 2005-07-21 11:47 ` John A. Sullivan III
0 siblings, 0 replies; 5+ messages in thread
From: John A. Sullivan III @ 2005-07-21 11:47 UTC (permalink / raw)
To: SWAPNIL; +Cc: ilugd, netfilter
On Wed, 2005-07-20 at 11:52 +0530, SWAPNIL wrote:
> Dear All,
>
> Please find the link of my network for your reference.
>
> http://downloadftp.modular-infotech.com/common/share/network.gif
>
> My client1 PC and client 2 PC will be connected to the internet using proxy
> and only client 2 pc will be connected to one remote sever or domain or ip
> using iptables.
>
> >From remote location anyone can connect my local web sever through my global
> DNS server
> eg. someone must first connected to my global DNS server for resolving host
> name then he will get routed to my local router and router will connect that
> remote user to my local webserver on any proto and any port.
>
> Also I would like to track each connection session with my websever.
>
> what should I do in such scenario ?
>
> please help me otherwise my job will be in trouble.
>
> Basically I am new in Linux I had tried lot of on iptables rules, but I cant
> achieve final target.
<snip>
I'm a little unsure of what you are trying to accomplish. What do you
mean by "someone must first connect to my global DNS server or resolving
host name then he will get routed to my local router"? Perhaps I don't
understand but that seems strange.
Do you really want to publicly expose any protocol and any port on a
server to the world? That sounds awfully dangerous.
What do you mean my track each connection session with your webserver.
Will simple logging of the connection event be sufficient or do you need
details web server logs?
I'm afraid I will be offline for a couple of days so, if someone else
could jump in to help, that would be much appreciated - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@opensourcedevel.com
If you would like to participate in the development of an open source
enterprise class network security management system, please visit
http://iscs.sourceforge.net
^ permalink raw reply [flat|nested] 5+ messages in thread
* help for iptables
@ 2005-07-21 12:15 SWAPNIL
2005-07-21 13:04 ` Jan Engelhardt
0 siblings, 1 reply; 5+ messages in thread
From: SWAPNIL @ 2005-07-21 12:15 UTC (permalink / raw)
To: netfilter
Dear Sir,
Please find network.png in the link
http://downloadftp.modular-infotech.com/common/share/network.png
Router outgoing request handle by "iptables-1.2.7a-2" using following
command:
[root@gw-host8 root]# iptables -t nat -A POSTROUTING -s 192.168.1.2 -d
202.56.54.10 -j MASQUERADE
I have got a query about how to handle incoming requests for local webserver
using routers static IP address?
Thanks and regards
Swapnil K.
System Group
Modular Infotech Pvt. Ltd.
26 Electronic Co-operative Estate,
Pune Satara Road, Pune. 411 009.
Maharshtra. INDIA.
Ph: +91-20-24226612 Ext. 206.
Fax: +91-20-24225896.
E-mail: postmaster@modular-infotech.com
Website: www.modular-infotech.com
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: help for iptables
2005-07-21 12:15 SWAPNIL
@ 2005-07-21 13:04 ` Jan Engelhardt
0 siblings, 0 replies; 5+ messages in thread
From: Jan Engelhardt @ 2005-07-21 13:04 UTC (permalink / raw)
To: SWAPNIL; +Cc: netfilter
>Router outgoing request handle by "iptables-1.2.7a-2" using following
>command:
>[root@gw-host8 root]# iptables -t nat -A POSTROUTING -s 192.168.1.2 -d
>202.56.54.10 -j MASQUERADE
>
>I have got a query about how to handle incoming requests for local webserver
>using routers static IP address?
You need to reserve a port on the router which will forward to the local
webserver, e.g.
iptables -t nat -A PREROUTING -s 202.56.54.10 -p tcp --dport 8000 -j DNAT
--to-dest 192.168.1.1:80
Jan Engelhardt
--
| Alphagate Systems, http://alphagate.hopto.org/
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2005-07-21 13:04 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-07-20 6:22 help for iptables SWAPNIL
2005-07-21 11:47 ` John A. Sullivan III
-- strict thread matches above, loose matches on Subject: below --
2005-07-21 12:15 SWAPNIL
2005-07-21 13:04 ` Jan Engelhardt
2005-07-20 5:47 help for IPTABLES SWAPNIL
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox