On Dec 5, 2003, at 6:12 PM, mathieu perrenoud wrote:


On Friday 05 December 2003 23:46, Nathaniel McCallum wrote:
On Dec 5, 2003, at 5:39 PM, Marius Mauch wrote:
On 12/05/03 Nathaniel McCallum wrote:
OK, here is the scenario.  Gentoo router has one routable ip and the
internal network is nat'ed.  The routable ip has a domain that
resolves to it, let's call it foobar.com.  Internally (non-routable
ips), there are hosts (FQDN=host1.foobar.com,host2.foobar.com). Is
there any way (perhaps iptables, but probably some other software) to
automatically forward all traffic to the appropriate host from the
outside?  I know this has to be done at the packet level, but there
are some hardware solutions for this, so I thought there might be
something else out there...

You can redirect traffic based on ports or IPs, but not on hostnames as
that information is not contained in the IP header, only in some higher
level protocols like HTTP.

Yes, I'm aware of this. That is what I am wondering, if there is any program that actually checks the packets and forwards appropriate traffic...

I think it has to be done on a per-protocol basis. For HTTP I would go for
apache on the router and check the proxy and reverse_proxy directives.


I don't think it's possible to do this at a more general level. And it's only
possible to do this for protocols which encapsulate hostnames like http or
ftp. You'll never be able to have your router forward "nc spam.foo.bar 1234"
to port 1234 of box spam.foo.bar.

What about for ssh? Any way to do it for that? Or will it consider that a "man in the middle" attack?


Nathaniel


-- [EMAIL PROTECTED] mailing list
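Added example, not part of the original thread: a Python sketch of the per-protocol routing decision discussed above. It picks an internal backend from the HTTP Host header and shows that the opening bytes of an SSH connection (the identification string) carry no hostname to route on. The backend addresses, the sample byte strings and the function names are constructed for illustration.

```python
# Constructed mapping of public hostnames to internal (NATed) hosts.
BACKENDS = {
    "host1.foobar.com": ("192.168.0.11", 80),
    "host2.foobar.com": ("192.168.0.12", 80),
}

# Constructed samples of the first bytes a client sends on a new connection.
HTTP_SAMPLE = b"GET / HTTP/1.1\r\nHost: host2.foobar.com\r\n\r\n"
SSH_SAMPLE = b"SSH-2.0-OpenSSH_3.7.1p2\r\n"


def host_from_http(first_bytes):
    """Return the lowercased Host value of an HTTP/1.x request, else None."""
    head, sep, _ = first_bytes.partition(b"\r\n\r\n")
    if not sep:
        return None  # header block incomplete, or not HTTP at all
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or not parts[2].startswith(b"HTTP/1."):
        return None
    hosts = []
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if colon and name.strip().lower() == b"host":
            hosts.append(value.strip().decode("ascii", "replace").lower())
    if len(hosts) != 1:
        return None  # missing or duplicated Host is ambiguous: do not route
    host = hosts[0]
    name_part, sep, port = host.rpartition(":")
    if sep and port.isdigit():
        host = name_part  # drop an explicit ":port" suffix
    return host


def pick_backend(first_bytes):
    """Map the first bytes of a connection to a backend, or None."""
    return BACKENDS.get(host_from_http(first_bytes))


if __name__ == "__main__":
    print("HTTP ->", pick_backend(HTTP_SAMPLE))
    print("SSH  ->", pick_backend(SSH_SAMPLE))
```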


