[plug] Slightly OT? cascading proxies
Matt Kemner
zombie at wasp.net.au
Thu Oct 5 11:08:23 WST 2000
On Thu, 5 Oct 2000, Denis Brown wrote:
> Another thought which has been triggered by all the above is this: can I
> implement a CGI/Perl/PhP/whatever script to run on an Apache server to
> effectively do IPMasq'ing? In other words, client on remote (unfriendly)
> subnet points browser to the Apache box. Apache box (my Linux box) serves
> him a page requesting the url of interest on the local (friendly)
> subnet. Apache box sends the request to the server for the required
> resource, apparently from a "friendly" user -- in other words, a form of
> masquerading.
If I understand correctly what you're trying to do, you may be able to do
this by a form of "port forwarding" - no Apache needed.
For example, you could redirect port "81" on your linux box to port "80"
on the webserver you wish to view from the remote network - the webserver
would see the connection from the Linux box when it's really coming from
remote.
The easiest way to do this (IMHO) is with the "redir" program.
You can run this out of inetd by following these steps:
1) add an entry to /etc/services eg:
myproxy 81/tcp
2) add this line to /etc/inetd.conf:
myproxy stream tcp nowait.600 root /usr/sbin/tcpd
/usr/sbin/redir --inetd 192.168.x.x 80
(replace 192.168.x.x with the IP of your webserver)
Depending on the version of redir, you may need to use a different syntax
- newer versions of redir need something like:
/usr/sbin/redir --caddr=192.168.x.x --cport=80
- Matt
More information about the plug
mailing list