News:

Pretty crazy that we're closer to 2030, than we are 2005. Where did the time go!

Main Menu

Hey iago, question!

Started by Sidoh, January 31, 2006, 03:00:08 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Sidoh

January 31, 2006, 03:00:08 AM
Hey iago, I've got a question for you.

I want to redirect all traffic referred from muaddib.sidoh.org to my computer on my network.  I added a CNAME alias for muaddib.sidoh.org to sidoh.org., so it's obviously going to hit my server just the same as sidoh.org would, but I'm wondering if there's something I can do on my server to redirect any traffic that's being referred from by muaddib.sidoh.org to my computer.

I'm guessing something maybe with iptables?

Thanks in advance.

Eric

#1
January 31, 2006, 04:50:57 AM Last Edit: January 31, 2006, 04:53:03 AM by Lord[nK]
You'd need to use either a second IP address or different ports to differentiate the traffic, atleast at the TCP/IP level.

iago

#2
January 31, 2006, 08:41:04 AM
There's an Apache proxy module.  I forget what it's called, but it shouldn't be too hard to find, and I think it can do what you are asking.  I think.  It's also a security risk if it's not set up right, so read the instructions :)

If it doesn't work, then LoRD is right, you'll have to use a different port.  I can't think of any other way to do it.  It's an application-layer thing, and routers don't tend to look at the application-layer. 

Sidoh

#3
January 31, 2006, 03:34:09 PM
I was wanting to direct all traffic referred from muaddib.sidoh.org, not just HTTP.  That's kind of a bummer... :(

mynameistmp

#4
January 31, 2006, 04:04:08 PM
You can use iptables for that........

Sidoh

#5
January 31, 2006, 04:06:09 PM Last Edit: January 31, 2006, 04:15:42 PM by Sidoh
Quote from: mynameistmp on January 31, 2006, 04:04:08 PM
You can use iptables for that........

Sweet!!  Any chance I could get some help from you later today? :)

Edit:  Found some neat stuff on wikipedia (which was probably copied/pasted from the man page, haha...):

Quote-s [!] source[/prefix]
--source [!] source[/prefix]
Matches IP packets coming from the specified source address. The source address can be an IP address, an IP address with associated network prefix, or a hostname. If '!' precedes the source, this matches all packets that are not coming from the specified source.

I'll work more on this later.  I need to go now.  Thanks tmp!

Eric

#6
January 31, 2006, 05:44:01 PM Last Edit: January 31, 2006, 05:52:00 PM by Lord[nK]
Quote from: Sidoh on January 31, 2006, 04:06:09 PM
Quote from: mynameistmp on January 31, 2006, 04:04:08 PM
You can use iptables for that........

Sweet!!  Any chance I could get some help from you later today? :)

Edit:  Found some neat stuff on wikipedia (which was probably copied/pasted from the man page, haha...):

Quote-s [!] source[/prefix]
--source [!] source[/prefix]
Matches IP packets coming from the specified source address. The source address can be an IP address, an IP address with associated network prefix, or a hostname. If '!' precedes the source, this matches all packets that are not coming from the specified source.

I'll work more on this later.  I need to go now.  Thanks tmp!

Step 1: 63.244.14.19 -> muaddib.sidoh.org -> sidoh.org
Step 2: 63.244.14.19 (source address) -> 66.28.80.82

Step 1: 63.244.14.19 -> sidoh.org
Step 2: 63.244.14.19 (source address) -> 66.28.80.82

Your server is completely unaware of the fact that the user ever even initiated a connection with either of the DNS servers as they are two entirely different connections.  There's also a great possibility that the IP addresses are cached on either the user's machine or the web domain service in which case any or even all of the processes from step 1 are skipped.

Sidoh

#7
February 01, 2006, 01:06:26 AM
Question for you, then:

Go here: http://www.dark-wire.net

It should just be a blank page, but that's not the point.

sidoh@muaddib:~$ host www.dark-wire.net
www.dark-wire.net is an alias for dark-wire.net.
dark-wire.net has address 70.84.86.74


Now, go here: http://70.84.86.74/

I don't get it?  I understand what you're saying, but why does it resolve to an IP address, yet they're obviously on different servers/directories when accessed by different means?

Eric

#8
February 01, 2006, 01:23:24 AM
http://www.dark-wire.net most likely points to a specific file or folder on the server whereas http://70.84.86.74/ is simply the address of the root directory which obviously was not configured.

Sidoh

#9
February 01, 2006, 01:47:46 AM
Quote from: Lord[nK] on February 01, 2006, 01:23:24 AM
http://www.dark-wire.net most likely points to a specific file or folder on the server whereas http://70.84.86.74/ is simply the address of the root directory which obviously was not configured.

But since they're two seperate connections ( Resolve -> Request ), how is it able to differentiate the referrer dark-wire.net from its IP address?

Eric

#10
February 01, 2006, 02:27:25 AM
Quote from: Sidoh on February 01, 2006, 01:47:46 AM
Quote from: Lord[nK] on February 01, 2006, 01:23:24 AM
http://www.dark-wire.net most likely points to a specific file or folder on the server whereas http://70.84.86.74/ is simply the address of the root directory which obviously was not configured.

But since they're two seperate connections ( Resolve -> Request ), how is it able to differentiate the referrer dark-wire.net from its IP address?

That one required some research on the HTTP protocol.

Sidoh

#11
February 01, 2006, 11:59:03 AM
Quote from: Lord[nK] on February 01, 2006, 02:27:25 AM
That one required some research on the HTTP protocol.

Damnit!  I knew that too, just didn't think about it.  haha.

Thanks for your help. :)
Print
Go Up Pages1
User actions