Re: [Eug-lug] iptables

Tue, 01 Nov 2005 08:18:28 -0800 

Just as a follow-up:
The iptable commands were (I believe) working fine. Larry you were right about the web browser confusion. I experience the same type of behavior when I point a web browser at http://<some ip>:443. 

On Oct 31, 2005, at 11:36 AM, larry price wrote:


what's listening on port 443?

if you are trying to forward an https response to an http browser
request you will confuse the browser since it's not expecting to
negotiate an encrypted session. You need to either use  a proxy that
can handle the https connection or use an http redirect to send the
browser request to the https port.

If you specifically need to forward https over port 80 (to deal with
someone's (idiotic) firewall setup) you could try doing
https://example.com:80/some/path/

you would have to do some configuration on the server end.

On 10/31/05, Jim Beard <[EMAIL PROTECTED]> wrote:

Howdy Folks,

        I have a question about port forwarding with iptables.


I want to forward port 80 to port 443 on the same machine.  I added 
the

following entries to iptables:

iptables -t nat -A PREROUTING -p tcp [-i eth0] --dport 80 -j DNAT --to
<external ip>:443

iptables -A FORWARD -p tcp [-i eth0] --dport 443 -j ACCEPT

The behavior I experience, is that when I try to reach port 80 on the
external ip from an external network, instead of forwarding my
connection, the web browser prompts me to download something.

Sometimes it is the name of the first folder in the path, sometimes 
the

name is a random string of characters, like "v8bdpmp2".  The files
created if I save are listed as 1k in size.

Anyone have any advice?  It seems like it should work.  I don't have
any other rules set up in my nat table or on the forward list...


Jim Beard
counterclaim, Inc
http://www.counterclaim.com
http://openefm.sourceforge.net
(800) 264-8145

_______________________________________________
EUGLUG mailing list
[email protected]
http://www.euglug.org/mailman/listinfo/euglug




--
http://Zoneverte.org -- information explained
Do you know what your IT infrastructure does?
_______________________________________________
EUGLUG mailing list
[email protected]
http://www.euglug.org/mailman/listinfo/euglug



Jim Beard
counterclaim, Inc
http://www.counterclaim.com
http://openefm.sourceforge.net
(800) 264-8145

_______________________________________________
EUGLUG mailing list
[email protected]
http://www.euglug.org/mailman/listinfo/euglug














    











					Reply via email to