From: Jonathan Tripathy <jonnyt@abpni.co.uk>
To: iic1tls@yahoo.com, netfilter@vger.kernel.org
Subject: Re: Bastion Firewall Host Redirect Question
Date: Tue, 14 Dec 2010 14:59:11 +0000 [thread overview]
Message-ID: <4D07863F.3070603@abpni.co.uk> (raw)
In-Reply-To: <000601cb9b9e$c6e81e30$54b85a90$@com>
>
> QUESTION
> Given that clients on the internal network can freely surf the internet: if
> the clients select a specific web site (ie www.website.com), my goal is to
> configure IPTables to instead redirect the client to the internal web
> server.
>
> - If the client web browser is going to surf www.website.com, then iptables
> redirects the client to 149.10.10.25
> - If the client web browser is going to surf any other website, then
> iptables permits the client to forward to the internet.
>
>
Use a local DNS server and set the hostname of the site that you want to
re-direct to your local webserver. You can secure this setup a bit more
by using a proxy server (Squid + SquidGuard) to prevent clients entering
the IPs directly. The only thing that IPTables would do is make sure
that only your proxy server can access the internet directly
next prev parent reply other threads:[~2010-12-14 14:59 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-14 14:54 Bastion Firewall Host Redirect Question iic1tls
2010-12-14 14:59 ` Jonathan Tripathy [this message]
2010-12-14 15:10 ` iic1tls
2010-12-14 17:32 ` /dev/rob0
2010-12-14 20:01 ` Billy Crook
2010-12-17 21:35 ` Pascal Hambourg
-- strict thread matches above, loose matches on Subject: below --
2010-12-14 15:10 iic1tls
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D07863F.3070603@abpni.co.uk \
--to=jonnyt@abpni.co.uk \
--cc=iic1tls@yahoo.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox