CentOS 5 Server :: Gateway Server To Redirect Traffic For HTTP/SMTP/POP3
Apr 6, 2010
I have been beating my head for the last few weeks on this problem (although I have been taking the wrong approach, it seems).
I need a gateway to direct web traffic to three separate servers/domains. I have been trying to do this with both a DNS server and, separately, an Apache server to forward requests. The DNS server was a no-go, and I can only get Apache to redirect HTTP and FTP.
After Googling this a lot, I believe that what I need is a gateway server to redirect my traffic to the 3 different servers. I have been reading about using NAT and iptables for this and was wondering if anyone had any advice/suggestions on this. The other thought I had was to use something like pfSense to create the gateway, but I am still reading the documentation, and I am unsure if this approach will work.
I'm trying to set up a CentOS 5.6 Squid proxy server with content filtering and antivirus scanning of incoming HTTP traffic from the Internet.
I then proceeded to set up and configure the proxy server. I was able to test and confirm that Squid and the DansGuardian content filter are working; however, I don't know if ClamAV is scanning HTTP traffic before it hits the client/server. Is there a way I can check if the antivirus scanning is working? Is there some log file or real-world test I can do to confirm that ClamAV is scanning incoming traffic or even blocking potential viruses?
Can anyone who has a Squid proxy server with ClamAV configured and working share their settings/setup with me and how they tested it?
I need to redirect all HTTP/HTTPS/FTP traffic through the remote proxy, but when I change the connection settings in the browser or in System->Preferences->Network Proxy it doesn't work well: instead of getting the page content, the browser asks to save a short (8 bytes) file with the same content for all requested pages. It happens in Chrome/Opera/Firefox. This proxy requires authorization and works on a computer with Windows XP. It worked well when I was using Windows 7 and Proxifier; now I have Ubuntu 9.10 with all available updates.
I was wondering what the best way is of redirecting all traffic, not just HTTP traffic, from my hosted web server on hostmonster (with a domain name) to my home server. I wondered if it would be possible to do it with a simple script running on the hosted web server? Also, is there a way of getting round having all the ports open on the hosted web server that I want to use on my home server?
* a router/gateway. The external interface has the public IP, another the DMZ, a third the internal room
* a DMZ with the web server
* an internal network (internet public room)
I redirect HTTP port 80 to the web server. You should see it there. But I can't see this web site from the internal room. From the public IP/URL I get some sort of "non existent" message (sorry, forgot to copy it). If I call the private IP, I get the home page (but not the CSS files). The gateway NATs the networks. What is the trick to see the web site from the internal network?
We have a Cisco ASA firewall at work, which redirects all HTTP traffic to our web server. We have to install a new website, but it can't be installed on the same server. Can setting up a Squid reverse proxy redirect the incoming HTTP requests to the appropriate web server? If yes, could I get some directions on how to do it?
I tried to set up a home server that will redirect the Internet traffic through the server before it reaches the client, because I don't want to install antivirus on every machine; it will slow them down a lot. There are some antivirus programs for Ubuntu. Most of my home machines are running Windows, which is a pain with viruses.
P.S.: I'm running 1 Ubuntu Server 10.04 machine and the rest are Windows 7 machines.
I have set up an OpenVPN server on Ubuntu on TCP port 443. The server uses a public network and almost all ports are blocked (not 443). So when a client connects to the server, if it sends traffic needing a blocked port, the connection cannot be established, of course. So I'd like to know if it is possible to redirect all incoming traffic on the server to another unblocked port (like 443) to bypass the firewall.
I don't think OpenVPN offers this possibility, but maybe with Linux it is possible.
How can I download the mail of all users from a Dovecot POP3 server to a new Dovecot POP3 server, and have this always run every minute? I've tried fetchmail and getmail, but only for one user, and I need to run fetchmail or getmail to retrieve new emails.
Will squid or HAproxy work to reverse proxy non-http traffic? I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.
Currently I have a server which runs CentOS 5.6. It is dedicated to the VoIP application of my customer. I have a problem for which I have the solution, but I haven't managed to achieve it. So, let me explain the context. Here are the networking aspects of my environment:
VoIP Provider_____Gateway_____________My server ADSL Provider____(non pingable) x.x.x.2 <====> A.A.A.1 <======> A.A.A.3
I am doing my Diploma Final Project on setting up a virtual mail server within a Local Area Network (LAN) only. I followed this how-to [URL] and completed it up to SquirrelMail webmail. I added two new users to try sending and receiving mail. It works. I run CentOS on VMware Player. I am using my laptop to do all the stuff; the laptop's default OS is Windows 7, I installed VMware Player on it and run CentOS inside it.
I want to do testing on the Windows 7 side by installing the Thunderbird email client; I want to connect to the mail server with SMTP, IMAP/POP3 using the email service. I have a problem while setting up the user account in Thunderbird: Thunderbird seems unable to detect my CentOS mail server. How? Do I have to do any other configuration on CentOS? Any DNS? Port number for IMAP, POP3 or SMTP?
I'm using something like telnet [URL] 25 and it comes back as not being able to connect to host on port 25. I don't have port 25 blocked anywhere. I turned off the firewall and even opened up port 25 on the hardware firewall router. If I ping it I can connect.
Recently I noticed that when I'm connected to a VPN server (pptpd) and I'm using it as a default gateway, my download and upload speed decreases to almost half of the usual speed. I made a test using iptables in order to count how many GRE packets are generated (apart from the real traffic itself), in this way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.
When I reset the counters to zero and begin to generate traffic (browsing, downloading etc.) I see that the GRE packets are even more than those in the FORWARD chain.
So, my question is, first of all, is my test correct, and is it true that so much GRE traffic is being generated during browsing (it becomes clear that the traffic is double what it would be if the pptpd wasn't used as a gateway), and if yes, can that traffic be reduced?
I am having a problem collecting email from a remote POP3 server (all the emails for a domain are stored there) and distributing it after collection to several users defined on a Linux server. I have installed Postfix on the Linux server for email distribution.
I've been attempting to set up PXE/HTTP network installs so we can better handle deployments for new systems. I have a test CentOS 5.4 VM running, and another test VM that I want to deploy 5.4 to. TFTP and DHCP are both working correctly. Apache 2.2.3 config "seems" OK. When I kick off the VM which I will install to, DHCP discovery and IP allocation work, the TFTP server is found, and I am presented with a menu option of OS selection.
I choose #1, for my 5.4 but then it immediately tells me: "Invalid or corrupt kernel image"
/var/log/messages doesn't show anything other than the DHCP OFFER/ACK process and that the TFTP client doesn't accept options.
/var/log/httpd/error_log doesn't show anything either.
Not sure where else to look for diagnosis.
My Apache config directory: /var/www/html/CentOS
My Apache DocumentRoot: /var/www/html/CentOS
Directives:
<Directory "/var/www/html/CentOS">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>
Forgot to add this line from my pxelinux.cfg/default file:
label 1
    kernel 5.4/vmlinuz
    append initrd=5.4/initrd.img ramdisk_size=16000 method=http:/10.37.129.3/CentOS ip=dhcp
(I think I have found my problem.. 5.4 was in the TFTPBOOT directory, but now that I'm using HTTP, I changed this to be: kernel CentOS/vmlinuz and append initrd=CentOS/initrd.img) -- question is, will just changing this work?
My ISP has a bad habit of killing nearly all sustained FTP transfers (reset packet to my router and the remote host) and I need to install CentOS 5.5 on an older pc that doesn't have a DVD drive. My solution would be to (temporarily) turn on IIS on my laptop and extract the contents of the DVD to the ftp dir, but do I simply just drop everything in there with the same directory structure as the DVD or is there a particular way I should set up the directories?
I posted it on another forum, but could not get a response. So I have CentOS, Ubuntu and Windows operating systems running on virtual machines. Now I gave them manual IP addresses; both the Ubuntu and Windows machines can ping the default gateway, but not the CentOS one. It should forward 0.0.0.0 to my Cisco router address (192.168.5.254),
I have two Internet-based servers (xx.xx.xx.xx and yy.yy.yy.yy). The Y server is running a VNC server and is responsible for answering VNC sessions. But I need to hide the IP of the Y server, so I want the X server to act as a VNC proxy and redirect all VNC sessions to the Y server.
I guess the best way is to use iptables but actually I can't get it working so
I'm trying to set up a server for an NPO who connects to the Internet through an internal proxy (Websense). I can't access the Internet unless through the proxy.
Since it's a server I did not install a GUI, so I'm wondering how to connect the new server to said proxy server. I have the IP address, port number and username/password for the proxy server. The new server has a static IP address and is ready to go!
We have a production web site running Apache 2.2.3 across several web servers. We also have a major problem with spam comments right now. Our method of identifying valid IPs (whether of external clients/customers or internal personnel) vs. spammers is not ideal - it's prone to erroneously labeling legit IPs as targets to be blacklisted.
What we need is a way to see how much distinct request traffic is coming from any given IP address to the site in real time (or very near real time). Essentially we want to see, in some graphic/chart way, requests per sec to Apache per IP, sorted by requests per sec. Would nTop do this? I've only used this in a limited form at a branch office, not on a production web server.
I am forwarding HTTP requests to an internal server. It is quite successful, but the access logs do not show the IP of the external machine. Rather, they show the IP of the machine on which I have enabled port forwarding.
I've set up a two-node cluster using Pacemaker/OpenAIS. I have only one network, and if I break this one, the communication between the nodes is interrupted. With a ClusterIP resource, when the network is broken, each node starts the ClusterIP => 2 identical IPs. Is there a way to define the preferred location of a resource when the connection between these nodes is broken?
A <==> B
If one of the nodes loses the network, then follow a previously written rule: start the resource on A (for example). B will know that it's not the preferred node and so will stop serving. Possible? This is because if both nodes are connected, but a problem between these nodes occurs and clients can reach both nodes, then the split brain is problematic. A better solution is to add a rule for when the split brain occurs: all nodes which can't reach the gateway have to stop all resources. And so, if it's A which loses the network, the service will start on B and only B without any problem.