Need network advice
Chan Chung Hang Christopher
christopher.chan at bradbury.edu.hk
Fri Jun 25 14:47:32 UTC 2010
Chuck Kuecker wrote:
> Chan Chung Hang Christopher wrote:
>> Chuck Kuecker wrote:
>>
>> 192.168.0.x is not a 'static ip' aka assigned real ip address. I assume
>> you have a router that does the appropriate natting for you...
>>
>>
> I've got a static IP assigned by my ISP. 192.168.0 is the local network.
>> I suspect that firestarter will set the incoming policy to drop/reject.
>>
>> please pastebin the output of 'iptables -L -n' at pastebin.ubuntu.com
>>
>> I suppose that you already have ip forwarding enabled given your comment
>> about tftp working from 10.0.0.2 to 192.168.0.200.
>>
> iptables output pasted...
Link please.
>>
>>> Ultimately, I want the local DNS server to steer HTTP traffic for the
>>> development system to its' internal IP, while HTTP traffic to my regular
>>> web site goes to the main web server on the Ubuntu box at 192.168.0.200,
>>> so my customer could access and interact with the development system.
>>>
>> Ugh...it would be so much easier with djbdns' tinydns...
> Interesting. I did not realize bind was a security mess. I will look at
> switching over. Got to be cautious - if I screw up my DNS, I might lose
> my email, and that would not be good.
:-D. Same when you do your views in BIND. Please accept my apologies for
the FUD mongering.
>>> Obviously, I cannot give him the internal IP address to put in his
>>> browser. I think I need to make changes to the BIND configuration files,
>>> and have studied the O'Reilly DNS and BIND book, but I just get more
>>> confused.
>>>
>> heh. You need to use views. Fun, fun, fun.
>>
> ??? Googling 'Ubuntu views' turns up a slew of stuff. Do you have a link?
You want 'BIND views'/
>
> Everything is now on the 192.168.0. network. The device can reach my
> mail server. I'm getting '403 Forbidden' when I try the web server in
> the device now - but I can fix that. At least I am getting a response now.
Oh, okay.
>> What do you want to achieve?
> The ultimate goal is for my customer to be able to access the web server
> in the device from the Internet. He's going to do the web page
> development while I work on the controlling code in the thing.
> C coding is my skill - web page development is definitely NOT.
Hahaha. I can do a bit of both...messes your mind up I tell you.
So what kind of access do you want your client to have to the device?
ssh? It can be just as simple as redirecting a specific port to the
device in the router as was suggested already by Patrick. Although that
would make things tricky if your client is to create/dynamically create
normal urls for testing...you'd probably need a rewriting proxy in front
of the device or something.
More information about the ubuntu-users
mailing list