Server :: Proxy SSL Requests To Another Port To Hide Port # In URL?
Jul 1, 2010
server: LAMP - debian, apache2, mysql, php5. a bit info on my network: There is a another service here that already uses port 443 already. It made my website time out, hence the move to another port. PLus, i dont want the 2 services sharing the port. What I am trying to do is forward 443 requests to another port where the SSL service is running so I can hide my port number in the URL.
Here is my sites available conf file:
Code:
NameVirtualHost *:80
NameVirtualHost *:443
NameVirtualHost *:####
[code]....
View 11 Replies
ADVERTISEMENT
May 2, 2010
I have a mail server i need it to send message via port 587 not port 25, i make some changes to my postfix server which i use and it is already successed making a telnet to 587 port like it :
[Code]....
View 3 Replies
View Related
Mar 4, 2010
I want to run a proxy server on port 1080, so I typed
Code:
ssh localhost -D 1080
That way I am able to connect to port 1080 from that server, but I can't connect to port 1080 from another client on the LAN.
What can I do so that other clients can connect to port 1080 on my server?
View 2 Replies
View Related
Nov 10, 2010
I live in a campus & I use wifi...I know the server host IP but dont know ftp port number....so I can not open ftp pages through google chrome as I cant specify the port number. Is there any way to know the port number?
View 3 Replies
View Related
Apr 25, 2011
I have got a reverse proxy that is working just fine, it accepts requests on port 443 and port 80 and ONLY sends traffic upstream to port 80 to the apache server listening on localhost. I use the following config:
https_port 10.14.1.72:443 cert=/etc/squid/self_certs/site.crt key=/etc/squid/self_certs/site.key defaultsite=site vhost
cache_peer 127.0.0.1 parent 443 80 no-query originserver login=PASS
http_port 10.14.1.72:80 vhost
My problem is the following : The site should act differently in some occasions based on whether http or https was requested. So my idea is to setup second http vhost on apache listening to port 8080 and on that vhost I would server the https code. So is it possible to use SQUID to :
Send traffic destined for port 443 to localhost:8080
and
Send traffic destined for port 80 to localhost:80 ?
View 13 Replies
View Related
Feb 18, 2010
I want to do a simple port redirect, i.e. whatever comes trough whatever interface on port AAAA will get redirected to port BBBBI thought that iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp --dport AAAA -j REDIRECT --to-ports BBBBhowever it doesn't work, e.g. nc -v -w2 -z localhost AAAA gives:
nc: connect to localhost port AAAA (tcp) failed: Connection refused
while
nc -v -w2 -z localhost BBBB
[code]....
View 10 Replies
View Related
Aug 30, 2010
We currently have a SUSE Apache2 reverse proxy server setup to reverse proxy (proxy_mod) our GroupWise Web Access server. Our SUSE box is located at www.domain.com. Our GroupWise Web Access server is located internally and is called GWMail. We are in the process of migrating from Novell to Windows, so we will have an exchange server with OWA access running on a Windows Server 2008 IIS7 box. That one will be called EXMail internally. Right now when someone goes to www.domain.com/gw/webacc it goes to the GWMail internal server from the outside world. This was all set up by previous techs who used Linux more.
We would like to set up reverse proxy to be able to reverse proxy to the Exchange Server from the outside world. Unfortunately the snag we are running into is that Exchange needs to run on port 443, and forwarding to port 443 has been a little tricky. I've read elsewhere we need to implement a generic TCP proxy, such as IPtables. what we need to do to get our SUSU Apache2 server to be able to reverse proxy to our Exchange server on port 443. For the save of argument lets call our SUSE server ExtranetServer. Below is our default-configuration.conf file's configuration:
[Code]....
View 12 Replies
View Related
Oct 21, 2010
VERY new to linux, erm but I have an issue that needs solving!I recently moved to university, where their network blocks sftp port 22, this means that I cannot connect to my FTP server which is running a version of linux.Now I've got this ftp server connected to a seedbox and it was created using the following walk through..Code:I have written this guide for a friend, but I though it would be useful for others as well.
There are several guides floating around, but I found that most always cock up in some way. This one is tried and tested to work on Debian Etch (on an OVH rps, but should apply to most servers).If there is a new stable release of rtorrent/libtorrent then I will update this guide to show you how to update it (without reinstalling the whole server).
At the bottom there are also instructions to install ftp access & some network monitoring software.Basically, I would really like someone to be able to construct the commands on how to change the listen port for sftp connection on linux or add another port to the list that Linux would use so that I could put in through putty.
View 2 Replies
View Related
Aug 5, 2009
If I forward port 80 to port 3128 for squid with an iptable rule, does port 3128 have to be open on the firewall or is this all routed behind the firewall?
View 4 Replies
View Related
May 18, 2010
I've managed to confirm that I can reach my home network via ssh from a remote location through my SMC Barricade when it is directly connected to the desktop machine but when the second router is put back into the chain ssh requests time out. The second router is a Linksys WRT 54GL running the Tomato firmware. The chain looks like this: ISP's router (bridged) --> Barricade -->WRT54GL-->desktop
The Barricade has port 22 forwarded to the Linksys' WAN address and it in turn forwards to the desktop address. It appears that it is a setting on the Linksys firmware that is preventing the remote connection. I've looked through the various settings many times but cannot see anything that would cause the problem.
View 4 Replies
View Related
Jan 13, 2010
I am running a voip server on port 5060. I want to hide this to all the robots scanning the net permanently - I know this is not enough security - it is just to prevent them from wasting by bandwidth testing all usernames until fail2ban stops them !
I'd like to have port 5060 accepting requests only from 'trusted' hosts, while others (client with dynamic ip) use port 5065 - thus, port 5060 will only appear open for some trusted partners and the bots will skip to something else.
I have setup the iptables rules succesfully to accept only trusted hosts.
-A RH-Firewall-1-INPUT -s 93.x.y.z -p udp -m state --state NEW -m udp --dport 5060 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 5060 -j DROP
I've added a PREROUTING NAT rule that change the port from 5065 to 5060 for others - but then, this gets caught in the INPUT rule as port 5060 -A PREROUTING -p udp -m udp --dport 5065 -j DNAT --to-destination 192.168.1.1:5060
This works so well that the packets coming on port 5065 are translated to port 5060 and get caught in the DROP rule...
View 1 Replies
View Related
Apr 6, 2011
I edited "sshd_config" file and changed port 22 to a new port. After I restart ssh, it listens on port 22 and the new port. How can I disable SSH to listen on port 22? I'm using Debian.
View 6 Replies
View Related
Jun 5, 2010
I'm using a local proxy server VPN'd to another network.
How do I setup either Firestarter or Gufw/ufw to ONLY allow in/out from ONE port? (The one port the proxy uses)
Ex: Firefox is proxied to 127.0.0.1, all ports, and then the proxy picks it up, and sends out on port xxxx, and recieves on port xxxx, then sends back thru 127.0.0.1, back to Firefox.
Any setting/rules I've treid on either Firestarter or Gufw kills the proxy>VPN (Proxy won't connect to remote network)
Addendum: If I start the proxy FIRST, then the firewall, all is good. I'm thinking the proxy uses a port to connect with remote network first, then switches to my configured xxxx port...hmmm
View 1 Replies
View Related
Nov 7, 2010
In order to connect to the internet when i am at work i have to use a proxy server; the problem is that this proxy also blocks port xxxxx which is used by a internet radio station. Is there any way to be able to listen to that radio station?
View 5 Replies
View Related
Jun 6, 2011
i have a proxy server up and running but one server using port 8181 cannot be accessed.how i can open that port!...i tried adding it in the safe ports but it still isn't working...
View 1 Replies
View Related
Mar 18, 2010
A Linux (CentOS5.3) server is setup with apache reverse proxy. The reverse proxy server is opened to outside and an internal server is mapped to ProxyPass configuration. SSL certificate is also installed on the Apache reverse proxy server. The problem is, it is extremely slow in serving http requests through reverse proxy. There is no problem with server resources or bandwidth. When the internal server is directly accessed through Internet, there is no delay. The backend server and the reverse proxy server are also on the same switch (same subnet). When I searched the Net, there were recommendations to enable cache in Apache. I did so as follows in httpd.conf.
<IfModule mod_disk_cache.c>
CacheEnable disk /
CacheRoot "/var/cache/mod_proxy"
CacheDirLevels 5
CacheDirLength 3
</IfModule>
But still there is no progress. Do I want to enable cache in ssl.conf too? Or is there any other workaround to speed up Apache reverse proxy. Is there a way to check that caching is happening?
View 4 Replies
View Related
Apr 26, 2011
I'm trying to get https/443 traffic go through squid.
View 3 Replies
View Related
Apr 14, 2010
I am using VirtualBox as virtualization machine. My topology is:Quote:Internet=====(eth0)HostOS=SLackware(eth1,br0)=====(eth0)GuestOS=slackwareCondition each OS:
HostOS:
eth0 = 192.168.7.80/24
Gateway = 192.168.7.1
[code].....
View 5 Replies
View Related
Jan 26, 2010
Here is my network diagram ADSL router----firewall--LAN inside the LAN my squid is running. currently all users are working with out proxy server. I installed the proxy server inside the LAN. now all users can access web browsing ,but no other ports are working , like POP3, smtp, then some other TCP port based applications are not working. My firewall ( juniper) is created and tested the rules to allow the POP3 and smtp and selected poprts which is working , but I redirected through squid proxy server the clients are not able to access. where do I have to create rules?
** in squid proxy( i already did in safe port list stillnot working)
** IP tables?
View 6 Replies
View Related
May 13, 2010
I'm new to linux, but enjoy using it very much, especially without a GUI, console is fun! I need to set up port forwarding. We have 3 servers, 1x running Ubuntu server 8.04 (used as transparent proxy), 1x server 2003, 1x windows xp.
The linux box has the following ips:
eth0 (internal) 192.168.1.5
eth1 (external) 192.168.0.7
Windows server 2003:
192.168.1.6
Windows XP:
192.168.1.9
Router:
192.168.0.1
The router automatically forwards specific ports to 196.168.0.7 (Linux eth0). From there I want to forward port 8585 to 192.168.1.6 and 3000 to 192.168.1.9. Is there a way that I can do this using iptables?
The commands that I think I'm gonna use look like this:
iptables -A FORWARD -s 192.168.0.0/24 -p tcp --dport 8585 -d 192.168.1.6 -j ACCEPT
iptables -A FORWARD -s 192.168.0.0/24 -p tcp --dport 3000 -d 192.168.1.9 -j ACCEPT
Would this be a correct way of doing it? My biggest problem is that I can't test it without going live, and if I go live and something doesn't work, the entire building will be left without internet, people will hate me. Also, The proxy captures all data on port 80 and forwards it to 3128 so that the proxy can monitor the usage, and a few systems runs fine with it, others however can ping websites, and internet explorer says "website found, waiting for reply" but the webpages cannot be displayed.
View 9 Replies
View Related
Dec 22, 2010
I have just installed Squid proxy. i also use WPAD to deploy policies for all client. Both works well together. Now i want to configure firewall Juniper SSG140 will be deny all request from client to access internet and redirect to Squid. I mean deny HTTP & HTTPS except Squid (port 3128), even i want to all access to internet have to through Squid proxy. I don't expert about the firewall Juniper. May i know step by step configure it.
[URL]
View 6 Replies
View Related
Jul 15, 2011
i want if a port (exp. 1001) have 20 connections that the next new connection forword to an other port (exp. 1002).
View 2 Replies
View Related
Jul 20, 2010
I tried to make "ssh tunneling", but failed and got this message.
Quote:
Administrator@windstory-PC /
$ ssh -R 7869:localhost:7869 windowsstudy@192.168.0.4
windowsstudy@192.168.0.4's password:
Warning: remote port forwarding failed for listen port 7869 Last login: Wed Jul 21 01:56:04 2010 from 192.168.0.2 -bash-3.2$
1. system environment
192.168.0.2 - windows 7 + copssh
192.168.0.4 - centos 5.4 x86 + openssh
2. Guide for setting "ssh tunneling"
[URL]
3. Added this to sshd.conf
Quote:
AllowTcpForwarding yes
4. "netstat -na|grep 7869" at 192.168.0.4
Quote:
[root:maestro:~]# netstat -na|grep 7869
tcp 0 0 0.0.0.0:7869 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:7869 127.0.0.1:53539 ESTABLISHED
[code]....
5. result of "ssh -vvv -R 7869:localhost:7869 windowsstudy@192.168.0.4"
Quote:
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
[code]....
6. I added 7869 for telnet service as follow;
Quote:
mytelnet 7869/tcp # My Telnet server
View 1 Replies
View Related
Nov 1, 2010
sudo ssh -L 750:192.168.123.103:873 username@192.168.123.103It does exactly what it's supposed to do, but how do i edit / remove this rule?Is there some config file where i can alter the forwarding? How does it get stored?Im using Ubuntu 10.10Server Edition (allthough i recon it would be pretty much the same across all versions
View 5 Replies
View Related
Apr 18, 2011
Is there any way to verify if packets being trafficked over a certain port are valid for the service you want to use this port for?
One obvious example that probably clarifies my question:
When I open port 443 (outgoing or incoming) for https/ssl traffic, I don't want this port to be used for say openvpn traffic.
Thus: when someone wants to surf to a website with https, it should be ok but if someone wants to connect to his home openvpn server over that same port, it should be blocked.
View 5 Replies
View Related
Mar 28, 2010
I'm not that great with mailservers, and just been thrown a curveball with a MS Exchange environment for which there is apparently no solution... yeah, right. But is there a workaround?
The problem is that the site mail (SMTP) needs to be sent via port 26 instead of the commonly used 25. Port 25 is mapped to a mailfilter, which apparently causes havoc with some of the mail, and the techs that have been on site trying to coax the Exchange server to co-operate have said that the only way would be to get rid of the filter.
The problem is that there are number of apps that are unable to have the outgoing port changed and so keep sending mail out on port 25.
I look after the Unix/Linux side of things at work, and I was wondering if there was an easy way to set up a Ubuntu box to receive mail on port 25 and just forward it to the MS box on port 26? So, in other words (and I hope this makes sense): monitor port 25, and forward whatever comes in on port 25 to the server on port 26. Simple portforwarding, or is it? What steps do I need to take?
View 2 Replies
View Related
Aug 7, 2010
When I use the following command:
ssh user@ssh_server -L 5500:localhost:5500 -p 22
everything works fine. I can log in, and local port forwarding is done. Otherwise when I use the command:
ssh user@ssh_server -R 5500:localhost:5500 -p 22
I get an error "remote port forwarding failed for listen port 5500". However when I try remote port forwarding in WinXP by use of putty there is no problem...
View 2 Replies
View Related
Apr 4, 2011
I'm trying to use iptables in order to forward all the incoming packets for port 5555 to port 5556 on the same server (192.168.2.101).
I wrote the following commands:
iptables -A PREROUTING -t nat -i any -p tcp --dport 5555 -j DNAT --to 192.168.2.101:5556
iptables -A FORWARD -p tcp -m state --state NEW -d 192.168.2.101 --dport 5556 -j ACCEPT
View 3 Replies
View Related
May 10, 2010
I'm trying to set rxtxSerial to work so a Java app has access to a serial port (via SiLabs CP210x driver, port /dev/ttyUSB0). When I use update-alternatives --config java, there are 3 alternatives which provide `java'. I have tried openJDK and Sun. Both fail but with completely different messages.
[Code].....
View 9 Replies
View Related
Apr 7, 2011
In SuSE firewall0. I do have a openSuse 11.4 and multiple IP addresses on eth0 interface
I run (trying to/have to) multiple TOMCAT servers.
I am trying to have each tomcat instance listen to on separate IP address for example:
What i am trying to do is to redirect
a) tomcat 1 -
a) tomcat 2 -
And so on.
I know that it has to be possible.
I do have just eth0/
Is is it possible. Do I have to create "vittual interfaces"? eth0:1, .......... and do redirection ?
"Server" has got just single interface - just 1 ethernet calbe goes to that server. I am planning to have 10-15 tomcat's on that server (I have to unfortunatley) and each has to run on port 80
Is it possible to "grant" permissions to normal users to run app on port 80 - that would solve me lots of problems if impossible to redirect.
I tried to setcap 'cap_net_bind_service=+ep' /path/to/tomcat ...... but no luck
View 7 Replies
View Related
