RE: Bastion Firewall Host Redirect Question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: iic1tls [mailto:iic1tls@xxxxxxxxx] 
Sent: Tuesday, December 14, 2010 9:10 AM
To: 'Jonathan Tripathy'; 'netfilter@xxxxxxxxxxxxxxx'
Subject: RE: Bastion Firewall Host Redirect Question

Thanks Jonathan, but I can not modify the DNS.  I need an IPTables solution.

THANK YOU

-----Original Message-----
From: Jonathan Tripathy [mailto:jonnyt@xxxxxxxxxxx] 
Sent: Tuesday, December 14, 2010 8:59 AM
To: iic1tls@xxxxxxxxx; netfilter@xxxxxxxxxxxxxxx
Subject: Re: Bastion Firewall Host Redirect Question


>
> QUESTION
> Given that clients on the internal network can freely surf the internet:
if
> the clients select a specific web site (ie www.website.com), my goal is to
> configure IPTables to instead redirect the client to the internal web
> server.
>
> - If the client web browser is going to surf www.website.com, then
iptables
> redirects the client to 149.10.10.25
> - If the client web browser is going to surf any other website, then
> iptables permits the client to forward to the internet.
>
>
Use a local DNS server and set the hostname of the site that you want to 
re-direct to your local webserver. You can secure this setup a bit more 
by using a proxy server (Squid + SquidGuard) to prevent clients entering 
the IPs directly. The only thing that IPTables would do is make sure 
that only your proxy server can access the internet directly

--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux