Find the answer to your Linux question:
Page 2 of 2 FirstFirst 1 2
Results 11 to 18 of 18
Originally Posted by polloxx @ lazydog: might be. I've made a little drawing to make it clear. This is what I want to establish: imagebin.ca/viewT6EX_v4.html no 1 is the tunnel ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #11
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677

    Quote Originally Posted by polloxx View Post
    @ lazydog: might be.

    I've made a little drawing to make it clear.

    This is what I want to establish: imagebin.ca/viewT6EX_v4.html

    no 1 is the tunnel from the customer server to our shell server. (btw: this part works)
    no 2 is the connect back to customer server on http
    from my client-browser. For that part I need iptables (I think)

    So you want the connections from he http server to go back to your clients. How are your clients accessing this server?

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  2. #12
    Just Joined!
    Join Date
    May 2009
    Posts
    11
    Through the tunnel.
    If I do "telnet 12.0.0.1 8000" on the shell server I can access the customer webserver.

  3. #13
    Just Joined!
    Join Date
    May 2009
    Posts
    11
    Or do I see it wrong?

  4. #14
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Sorry for the late reply, I was on vacation.

    OK, you should be able to do what I told you above to get this working with REDIRECT. This just says anything coming in on port X redirect it to 127.0.0.1

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  5. #15
    Just Joined!
    Join Date
    May 2009
    Posts
    11
    np, I hope you enjoyed the vacation.

    There was a typo:

    If I do "telnet 127.0.0.1 8000" on the shell server I can access the customer webserver.

    But I'm still missing something because surfing to the shell server on tcp/8000 is not working. The server is not listening on 8000 after this:

    nat -A PREROUTING -p tcp --dport 8000 -j REDIRECT

  6. #16
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    Hmm, try the following;

    Code:
    nat -A PREROUTING -p tcp --dport 8000 -j REDIRECT --to-ports 8000
    But I do not believe that this is needed. Can you capture the packets and look at them to ensure they are being routed properly?

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  7. #17
    Just Joined!
    Join Date
    May 2009
    Posts
    11
    Currently I can't, but I can install wireshark on the server. The box is under my control.
    I'll install it and come back to you.

    Thanks for your help.
    P.

  8. #18
    Just Joined!
    Join Date
    May 2009
    Posts
    11
    Nothing is routed afaik, strange.

    I made a test-setup in my VMWare lab
    This is the capture: rapidshare.com/files/250367164/capture

    192.168.100.4 is the "browser"
    192.168.150.210 is the "shell server"
    192.168.150.211 is the "customer server"
    as in imagebin.ca/view/T6EX_v4.html

Page 2 of 2 FirstFirst 1 2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •