Author Topic: Hey iago, question! (Read 4215 times)

Sidoh · « **on:** January 31, 2006, 03:00:08 am »

Hey iago, I've got a question for you.

I want to redirect all traffic referred from muaddib.sidoh.org to my computer on my network. I added a CNAME alias for muaddib.sidoh.org to sidoh.org., so it's obviously going to hit my server just the same as sidoh.org would, but I'm wondering if there's something I can do on my server to redirect any traffic that's being referred from by muaddib.sidoh.org to my computer.

I'm guessing something maybe with iptables?

Thanks in advance.

Eric · « **Reply #1 on:** January 31, 2006, 04:50:57 am »

You'd need to use either a second IP address or different ports to differentiate the traffic, atleast at the TCP/IP level.

iago · « **Reply #2 on:** January 31, 2006, 08:41:04 am »

There's an Apache proxy module. I forget what it's called, but it shouldn't be too hard to find, and I think it can do what you are asking. I think. It's also a security risk if it's not set up right, so read the instructions

If it doesn't work, then LoRD is right, you'll have to use a different port. I can't think of any other way to do it. It's an application-layer thing, and routers don't tend to look at the application-layer.

Sidoh · « **Reply #3 on:** January 31, 2006, 03:34:09 pm »

I was wanting to direct all traffic referred from muaddib.sidoh.org, not just HTTP. That's kind of a bummer...

mynameistmp · « **Reply #4 on:** January 31, 2006, 04:04:08 pm »

You can use iptables for that........

Sidoh · « **Reply #5 on:** January 31, 2006, 04:06:09 pm »

Quote from: mynameistmp on January 31, 2006, 04:04:08 pm

You can use iptables for that........

Sweet!! Any chance I could get some help from you later today?

Edit: Found some neat stuff on wikipedia (which was probably copied/pasted from the man page, haha...):

Quote

-s [!] source[/prefix]
--source [!] source[/prefix]
Matches IP packets coming from the specified source address. The source address can be an IP address, an IP address with associated network prefix, or a hostname. If '!' precedes the source, this matches all packets that are not coming from the specified source.

I'll work more on this later. I need to go now. Thanks tmp!

Eric · « **Reply #6 on:** January 31, 2006, 05:44:01 pm »

Quote from: Sidoh on January 31, 2006, 04:06:09 pm

Quote from: mynameistmp on January 31, 2006, 04:04:08 pm
You can use iptables for that........

Sweet!! Any chance I could get some help from you later today?

Edit: Found some neat stuff on wikipedia (which was probably copied/pasted from the man page, haha...):

Quote
-s [!] source[/prefix]
--source [!] source[/prefix]
Matches IP packets coming from the specified source address. The source address can be an IP address, an IP address with associated network prefix, or a hostname. If '!' precedes the source, this matches all packets that are not coming from the specified source.

I'll work more on this later. I need to go now. Thanks tmp!

Step 1: 63.244.14.19 -> muaddib.sidoh.org -> sidoh.org
Step 2: 63.244.14.19 (source address) -> 66.28.80.82

Step 1: 63.244.14.19 -> sidoh.org
Step 2: 63.244.14.19 (source address) -> 66.28.80.82

Your server is completely unaware of the fact that the user ever even initiated a connection with either of the DNS servers as they are two entirely different connections. There's also a great possibility that the IP addresses are cached on either the user's machine or the web domain service in which case any or even all of the processes from step 1 are skipped.

Sidoh · « **Reply #7 on:** February 01, 2006, 01:06:26 am »

Question for you, then:

Go here: http://www.dark-wire.net

It should just be a blank page, but that's not the point.

sidoh@muaddib:~$ host www.dark-wire.net
www.dark-wire.net is an alias for dark-wire.net.
dark-wire.net has address 70.84.86.74

Now, go here: http://70.84.86.74/

I don't get it? I understand what you're saying, but why does it resolve to an IP address, yet they're obviously on different servers/directories when accessed by different means?

Eric · « **Reply #8 on:** February 01, 2006, 01:23:24 am »

http://www.dark-wire.net most likely points to a specific file or folder on the server whereas http://70.84.86.74/ is simply the address of the root directory which obviously was not configured.

Sidoh · « **Reply #9 on:** February 01, 2006, 01:47:46 am »

Quote from: Lord[nK] on February 01, 2006, 01:23:24 am

http://www.dark-wire.net most likely points to a specific file or folder on the server whereas http://70.84.86.74/ is simply the address of the root directory which obviously was not configured.

But since they're two seperate connections ( Resolve -> Request ), how is it able to differentiate the referrer dark-wire.net from its IP address?

Eric · « **Reply #10 on:** February 01, 2006, 02:27:25 am »

Quote from: Sidoh on February 01, 2006, 01:47:46 am

Quote from: Lord[nK] on February 01, 2006, 01:23:24 am
http://www.dark-wire.net most likely points to a specific file or folder on the server whereas http://70.84.86.74/ is simply the address of the root directory which obviously was not configured.

But since they're two seperate connections ( Resolve -> Request ), how is it able to differentiate the referrer dark-wire.net from its IP address?

That one required some research on the HTTP protocol.

Sidoh · « **Reply #11 on:** February 01, 2006, 11:59:03 am »

Quote from: Lord[nK] on February 01, 2006, 02:27:25 am

That one required some research on the HTTP protocol.

Damnit! I knew that too, just didn't think about it. haha.

Thanks for your help.

Clan x86

News:

Author Topic: Hey iago, question! (Read 4215 times)

Sidoh

Hey iago, question!

Eric

Re: Hey iago, question!

iago

Re: Hey iago, question!

Sidoh

Re: Hey iago, question!

mynameistmp

Re: Hey iago, question!

Sidoh

Re: Hey iago, question!

Eric

Re: Hey iago, question!

Sidoh

Re: Hey iago, question!

Eric

Re: Hey iago, question!

Sidoh

Re: Hey iago, question!

Eric

Re: Hey iago, question!

Sidoh

Re: Hey iago, question!