From: Tim Perton <grpanosgr@yahoo.com>
To: netfilter@lists.netfilter.org
Subject: RE: iptables: hide the real web server from users
Date: Wed, 14 Feb 2007 07:44:17 -0800 (PST) [thread overview]
Message-ID: <176687.44934.qm@web33313.mail.mud.yahoo.com> (raw)
In-Reply-To: <A78C6C481BFAE949BC5990E1EEB2FE12595D@q.LeBlancNet.us>
Thank you all for your quick reply.
Ok for web traffic squid is fine.
But if I have a binary socket input/output thread and
want to pass them transparently between the user and
System B through System A, i think that only iptables
can do that in tcp layer.
Any ideas on this?
Tim
--- Robert LeBlanc <robert@leblancnet.us> wrote:
> Squid would also do this for you.
>
> Robert LeBlanc
>
> > -----Original Message-----
> > From: netfilter-bounces@lists.netfilter.org
> [mailto:netfilter-
> > bounces@lists.netfilter.org] On Behalf Of Rodrigo
> Montoro (Sp0oKeR)
> > Sent: Wednesday, February 14, 2007 6:08 AM
> > To: Tim Perton
> > Cc: netfilter@lists.netfilter.org
> > Subject: Re: iptables: hide the real web server
> from users
> >
> > I don' t think iptables is your best option for
> that.
> > Try mod_security, mod_rewrite or apache proxy .
> >
> > Regards,
> >
> > On 2/14/07, Tim Perton <grpanosgr@yahoo.com>
> wrote:
> > > Dear friends,
> > > I have a web server running on system B. I run
> my main
> > > services to System B but I do not want my users
> to
> > > talk to system B directly.
> > > So I have another server (System A) in a
> differrent
> > > ISP & a completely different C class IP address
> like
> > > below:
> > >
> > > -----------------------------
> > > --- System A (IP=a.b.c.d) ---
> > > -----------------------------
> > >
> > > -----------------------------
> > > --- System B (IP=e.f.g.h) ---
> > > -----------------------------
> > >
> > > System A runs iptables(redhat EL4).
> > >
> > > I want my users to do a request like
> > > http://a.b.c.d/1.php and then machine A to make
> the
> > > same request to System B, get the results and
> send
> > > them back to the user transparently.
> > > Practically System A to act as an intermediatery
> to
> > > the real machine (System B).
> > >
> > > Any idea on how to do this?
> > >
> > > Regards,
> > > Tim Perton
> > >
> > >
> > >
> > >
> >
>
________________________________________________________________________
> __
> > __________
> > > Food fight? Enjoy some healthy debate
> > > in the Yahoo! Answers Food & Drink Q&A.
> > >
>
http://answers.yahoo.com/dir/?link=list&sid=396545367
> > >
> > >
> >
> >
> > --
> > =====================
> > Rodrigo Ribeiro Montoro
> > Desenvolvedor BRMAlinux
> > spooker@brc.com.br
> > RHCE/LPIC-I
> > =====================
>
>
>
____________________________________________________________________________________
Sucker-punch spam with award-winning protection.
Try the free Yahoo! Mail Beta.
http://advision.webevents.yahoo.com/mailbeta/features_spam.html
next prev parent reply other threads:[~2007-02-14 15:44 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-02-14 12:53 iptables: hide the real web server from users Tim Perton
2007-02-14 13:08 ` Rodrigo Montoro (Sp0oKeR)
2007-02-14 14:40 ` Rob Sterenborg
2007-02-14 14:43 ` Robert LeBlanc
2007-02-14 15:44 ` Tim Perton [this message]
2007-02-23 11:05 ` Martijn Lievaart
2007-02-14 15:42 ` Grant Taylor
2007-02-14 16:36 ` Tim Perton
2007-02-14 17:59 ` Grant Taylor
2007-02-15 14:28 ` Tim Perton
2007-02-15 15:08 ` Pascal Hambourg
2007-02-15 10:55 ` Pascal Hambourg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=176687.44934.qm@web33313.mail.mud.yahoo.com \
--to=grpanosgr@yahoo.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox