I think the key here is port redirecting. For just web however, one could
use reverse proxying as well (I think squid can do reverse proxy, and even
apache seems to have some limited capablity for this as part of it's
feature set).
Carric Dooley
COM2:Interactive Media
http://www.com2usa.com
On Fri, 9 Jul 1999, H D Moore wrote:
> Hi,
>
> I was trying to do a similar setup, where I have one machine as the
> router between a private network and the internet, using the command
> line below it would only forward the connection IF the WWW server has a
> real IP address vs a private one. The Masqing server would respond back
> with a RST packet because it doesnt have a listening socket for that
> port...
>
>
> Gary Maltzen wrote:
> >
> > I'm still new to this, but I think you're looking for a rule like:
> >
> > # ipchains -A forward -p TCP -s 0/0 www -d server.ip www -j ACCEPT
> >
> > -A forward ... add this rule to the 'forward' chain
> > -p TCP ... applies to TCP connections
> > -s 0/0 www ... any incoming port 80 connection
> > -d server.ip www ... routed to port 80 on server.ip
> > -j ACCEPT ... accept the packet
> >
> > This assumes that the RH60 system is already performing MASQ for the
> > intranet.
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
