Hello everyone
I'm Antoine Rouchet, I work for a french cable ISP (Numericable).
My actual project is to allow our hotliners and IT staff to access
customer's modem web management interface:
- We have several thousands of modems on the network, each of them have a
management web interface to which the customer can access (with "user"
privileges) from his local private network, and to which we can access over
the dedicated "modem" network too (with more privileges).
- But it is not possible to allow the access to this "modem" network to
untrusted people, so the idea is to set up a unique gateway (an HTTP
server/proxy) our staff can access via an URL (like:
http://modemgw.staff.private/modem/ip_10.1.2.3/).
- Of course the main problem is that every customer's modem cannot be
declared in the proxy configuration file, it must be dynamic (i.e.: a
directive in the configuration file allow reverse proxying to 10.0.0.0/8
from *.private)
I know squid can do everything here, but I'm not sure for the last condition
(target not declared in configuration file). Does anyone have an idea about
that? Any help is welcome, of course.
(I've also tried with Apache + mod_proxy/mod_html/mod_rewrite. But the only
thing mod_rewrite support is to declare a simple proxy with a RewriteRule (P
flag) directive, so there is no rewriting of the HTML/headers.)
Best regards,
Antoine Rouchet.
