On Wed, Oct 31, 2012 at 11:20:18AM -0600, Jason Wood wrote: > To keep it simple, I'd add an entry in my hosts file for the prod site > and point it to the the dev server IP.
Seconded, not only is a mass search and replace on a site time intensive, but you might just change something you shouldn't. Bear in mind not all software will refer to the hosts file ( depending what platform you're on, the software in question, the phase of the moon, and so forth ) so you might want to run a local DNS server instead, set it up so it thinks it's authoritative for the domain in question. > To be really certain scanning traffic never hits the prod site, you > could add a static route for the IP of the prod site to an invalid > gateway so that traffic to the site can't leave your network. > > For example: > Prod site IP - 10.10.10.3 > Default Gateway IP - 192.168.1.1 > > route add -host 10.10.10.3/32 gw 192.168.1.<unassigned IP> dev eth0 Agreed, although in my experience specifically blocking the IP to be avoided using IPTables is better, and then watching the logs - that way you'll spot any weirdness rather than just having the packets hit the floor. If you're going to route traffic to the prod IP then it's best to "null route" it ( http://en.wikipedia.org/wiki/Null_route ), otherwise your testing box will suffer a minor performance hit as the OS arps for a box that isn't there when it tries to contact the genuine prod IP. -- "The song is characterized by its strongly addictive beats and lyrics, and is thus certain to penetrate the foundations of modern philosophy." _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
