Linux Firewall and a Web Server
I.Ioannou
roryt at hol.gr
Tue Sep 5 17:38:52 EEST 2000
"Socrates T. Kolokithas" wrote:
>
> mporoume se ena dyktio me linux firewall me ipchains na exoume piso apo to
> firewall ena mhxanima, gia web server p.x. pou omos na exei pragmatikh IP
> Address ?
Nai :
Senario 1) To firewall exei 3 IPs :
a) ayti pou to sindeei me to Internet (real IP)
b) ayti poy to kanei melos sto local net (fake IP)
c) ayti pou to kanei melos se ena mikro network me
toulaxiston 4 real IPs, mia gia ayto, mia gia to web server
mia broadcast mia network (netmask 255.255.255.252)
Ypopsi den milw gia poses kartes diktiou, mporeis na xrisimopoihseis
apo 1 (me ip alias) mexri 3, oses sou tairiazoun
Prepei na zitiseis ta analoga diktia kai routing gia to (a) kai to (c)
apo ton
provider sou, kai na rithmiseis katalila ta ipchains gia na sou kanei to
firewall
to swsto routing gai to web server.
ALLA, o web server den einai pisw apo to firewall, stin ousia tha
mporouses na xrisimopoihseis
kai to :
Senario 2)
Internet-->hub--->firewall
|
+---->web server
Diladi o web server kateythian sto internet, parallila me to firewall
Senario 3)
O web server pisw apo to firewall me fake IP. Ena diktio apo ton
provider sou
me toulaxiston 4 real IPs (network, firewall, web server, broadcast)
kai oi 2 real IPs me ip alias panw sto firewall.
Redirection tis portas 80 tis real IP tou web server stin porta 80 tou
fake.
Toulaxiston etsi mono h porta 80 tou web server tha einai ektethimeni
(an fysika
setareis swsta to firewall)
Koita sta HOWTO kai sta archives :
http://lists.hellug.gr/archives/linux-greek-users/2000/08/0121.html
I.Ioannou <roryt at hol.gr>
--
linux-greek-users mailing list -- http://lists.hellug.gr
More information about the Linux-greek-users
mailing list