Great replies from all.
What I intend to do is try to learn the system and better understand the
processes and techniques involved in doing this. This is really for
academic interest.
The basic scenario boils down to this, and it's rather a simple one:
There's a bunch of game players in another country (people that I know)
that cannot play WoW because of a huge amount of lag. So I want to run
a proxy of sorts so that these people can proxy into my servers (one on
the east coast, one on the west) and then go on to play WoW with far
less lag than if they directly connect to the blizzard servers. So our
servers act as a sort of relay for WoW traffic. This is where I want to
only allow the ports that are necessary for WoW traffic, no http,ftp,ssh
etc. Someone told me that Socks Server 5
http://digilander.libero.it/matteo.ricchetti/ss5_description.html should
be able to handle it. I've never used this before and don't have any
experience setting up a proxy, would this help out or is there a better
solution?
For the time being forget that the users need to be synchronised, this
can be done manually, would the above scenario work? Is this a viable
option.
Appreciate the help
Jon
Shawn wrote:
The first half of the problem - creating the same user on two distinct boxes
(or networks??) has a couple options that I can think of off the top of my
head.
1) Set up a single sign one system. LDAP is the forerunner here, and can have
a primary server with slave servers synchronized automagically. This "may"
be the solution you need, depending on the complexities of your needs.
2) A far simpler solution is to just synchronize the /etc/passwd (and maybe
the /etc/group file). This can be as simple as
"rsync /etc/passwd [EMAIL PROTECTED]:/etc/passwd"
This will allow users to log into either box with the same credentials.
BUT, what is missing from this is where the /home directory sits. You'll
probably need to setup shared folder somehow (nfs, samba, nis, etc.) so that
both servers use the same physical drive location for their home directories
- so the users can see the same files from either server. This would only be
needed if you do really need console accounts for the users (rather than
virtual accounts).
The above is just a shot in the dark. There are some specifics we don't know
yet to be able to offer concrete solutions. For instance, are you simply
wanting a central authentication mechanism for an application? Then maybe a
database solution would be better suited....
As for restricting user access to specific ports, this seems to point to a
true proxy server. Restricting TCP/IP access for specific users or
applications is the purpose of a proxy server (as is filtering content).
So, I'm not sure if there will be a magic bullet that will do everything in
need in a single package. Though you can get close.
Can you offer some more detail of what and why you are trying to do this? We
might be able to offer more then....
Shawn
On Sunday 14 August 2005 22:09, Jon Copeland wrote:
Does anyone know any software which will allow me to accomplish the
following:
I have 2 linux boxes, each in a different geographical location. Each
with only a standard cable internet connection. I want to be able to
create users on one machine and have those users automatically created
on the other (So I want this sharing of resources in a way). I also
want to be able to separate internet traffic so that any new users will
only have the ability to go out on certain ports (To prevent abuse).
(They connect to the network from home with some kind of Windows
software, still undecided on this). I may not be explaining it in the
right way and if you don't go ahead and pick my brain I'll try to
explain it as best I can.
Does such a piece of software or series of applications exist?
Jon
_______________________________________________
clug-talk mailing list
[email protected]
http://clug.ca/mailman/listinfo/clug-talk_clug.ca
Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
**Please remove these lines when replying
_______________________________________________
clug-talk mailing list
[email protected]
http://clug.ca/mailman/listinfo/clug-talk_clug.ca
Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
**Please remove these lines when replying
