Thank you all for your quick reply. Ok for web traffic squid is fine. But if I have a binary socket input/output thread and want to pass them transparently between the user and System B through System A, i think that only iptables can do that in tcp layer. Any ideas on this? Tim --- Robert LeBlanc <robert@xxxxxxxxxxxxx> wrote: > Squid would also do this for you. > > Robert LeBlanc > > > -----Original Message----- > > From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx > [mailto:netfilter- > > bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Rodrigo > Montoro (Sp0oKeR) > > Sent: Wednesday, February 14, 2007 6:08 AM > > To: Tim Perton > > Cc: netfilter@xxxxxxxxxxxxxxxxxxx > > Subject: Re: iptables: hide the real web server > from users > > > > I don' t think iptables is your best option for > that. > > Try mod_security, mod_rewrite or apache proxy . > > > > Regards, > > > > On 2/14/07, Tim Perton <grpanosgr@xxxxxxxxx> > wrote: > > > Dear friends, > > > I have a web server running on system B. I run > my main > > > services to System B but I do not want my users > to > > > talk to system B directly. > > > So I have another server (System A) in a > differrent > > > ISP & a completely different C class IP address > like > > > below: > > > > > > ----------------------------- > > > --- System A (IP=a.b.c.d) --- > > > ----------------------------- > > > > > > ----------------------------- > > > --- System B (IP=e.f.g.h) --- > > > ----------------------------- > > > > > > System A runs iptables(redhat EL4). > > > > > > I want my users to do a request like > > > http://a.b.c.d/1.php and then machine A to make > the > > > same request to System B, get the results and > send > > > them back to the user transparently. > > > Practically System A to act as an intermediatery > to > > > the real machine (System B). > > > > > > Any idea on how to do this? > > > > > > Regards, > > > Tim Perton > > > > > > > > > > > > > > > ________________________________________________________________________ > __ > > __________ > > > Food fight? Enjoy some healthy debate > > > in the Yahoo! Answers Food & Drink Q&A. > > > > http://answers.yahoo.com/dir/?link=list&sid=396545367 > > > > > > > > > > > > -- > > ===================== > > Rodrigo Ribeiro Montoro > > Desenvolvedor BRMAlinux > > spooker@xxxxxxxxxx > > RHCE/LPIC-I > > ===================== > > > ____________________________________________________________________________________ Sucker-punch spam with award-winning protection. Try the free Yahoo! Mail Beta. http://advision.webevents.yahoo.com/mailbeta/features_spam.html
