Linux Firewall and a Web Server

Socrates T. Kolokithas socrates at ns.creative.gr
Wed Sep 6 14:47:33 EEST 2000 

Euxaristw poly gia tis odigies,

an kai gia to senario 3) exoume to koloutho erwtima:
pos ginetai redirection apo to firewall pros to masa fake IP mono tou
aliased IP kai oxi kai tou kanonikou pou exei h karta me ta real IP tou
firewall.

Euxaristw

Socrates Kolokithas



-----Original Message-----
From: owner-linux-greek-users at tux.hellug.gr
[mailto:owner-linux-greek-users at tux.hellug.gr]On Behalf Of I.Ioannou
Sent: Tuesday, September 05, 2000 5:39 PM
To: linux-greek-users at hellug.gr
Subject: Re: Linux Firewall and a Web Server


"Socrates T. Kolokithas" wrote:
>
> mporoume se ena dyktio me linux firewall me ipchains na exoume piso apo to
> firewall ena mhxanima, gia web server p.x. pou omos na exei pragmatikh IP
> Address ?

Nai :
Senario 1) To firewall exei 3 IPs :
   a) ayti pou to sindeei me to Internet (real IP)
   b) ayti poy to kanei melos sto local net (fake IP)
   c) ayti pou to kanei melos se ena mikro network me
      toulaxiston 4 real IPs, mia gia ayto, mia gia to web server
      mia broadcast mia network (netmask 255.255.255.252)

Ypopsi den milw gia poses kartes diktiou, mporeis na xrisimopoihseis
apo 1 (me ip alias) mexri 3, oses sou tairiazoun

Prepei na zitiseis ta analoga diktia kai routing gia to (a) kai to (c)
apo ton
provider sou, kai na rithmiseis katalila ta ipchains gia na sou kanei to
firewall
to swsto routing gai to web server.
ALLA, o web server den einai pisw apo to firewall, stin ousia tha
mporouses na xrisimopoihseis
kai to :

Senario 2)
Internet-->hub--->firewall
            |
            +---->web server
Diladi o web server kateythian sto internet, parallila me to firewall

Senario 3)

O web server pisw apo to firewall me fake IP. Ena diktio apo ton
provider sou
me toulaxiston 4 real IPs (network, firewall, web server, broadcast)
kai oi 2 real IPs me ip alias panw sto firewall.
Redirection tis portas 80 tis real IP tou web server stin porta 80 tou
fake.
Toulaxiston etsi mono h porta 80 tou web server tha einai ektethimeni
(an fysika
setareis swsta to firewall)
Koita sta HOWTO kai sta archives :

http://lists.hellug.gr/archives/linux-greek-users/2000/08/0121.html

I.Ioannou <roryt at hol.gr>

--
linux-greek-users mailing list -- http://lists.hellug.gr


--
linux-greek-users mailing list -- http://lists.hellug.gr

More information about the Linux-greek-users mailing list