Geek pop quiz - SOLVED!
Sep. 2nd, 2008 12:24 pmI have a stupid firewall. It can open a port, but not translate - I can't have port 999 on the outside redirect to an internal IP on port 443, for example.
I have a very smart Ubuntu 8.04 server. It can do anything I want it to, as long as I can tell it what to do.
I have a very, very, very stupid device that *only* listens on 443. The receiving port cannot be changed.
What I want:
1. Stupid firewall opens port 999 to smart server.
2. Smart server sees port 999 traffic and happily routes it off to 443 on device.
3. Device is happy to have 443 traffic, replies to smart server, smart server tosses it back out through the firewall to the end user.
OR
3. Device is happy to have 443 traffic, replies right back through the firewall to the end user without bugging Smart Server.
I don't care which 3 I get.
What are the magic words I need to tell iptables to do this for me? Or the magic words to have *something else* do it for me?
(And yes, I had a very similar question to this in January. Very similar devices, too. Not exactly the same, though. And that time, I just let Apache listen on 444 instead of bothering with fixing it, which is not an option, here.)
EDIT: The correct answer here is "rinetd"
10 seconds to install, 10 seconds to edit the config file with the port and IP I want forwarded, and BANG, everything works perfectly.
This is the kind of solution I really love.
I have a very smart Ubuntu 8.04 server. It can do anything I want it to, as long as I can tell it what to do.
I have a very, very, very stupid device that *only* listens on 443. The receiving port cannot be changed.
What I want:
1. Stupid firewall opens port 999 to smart server.
2. Smart server sees port 999 traffic and happily routes it off to 443 on device.
3. Device is happy to have 443 traffic, replies to smart server, smart server tosses it back out through the firewall to the end user.
OR
3. Device is happy to have 443 traffic, replies right back through the firewall to the end user without bugging Smart Server.
I don't care which 3 I get.
What are the magic words I need to tell iptables to do this for me? Or the magic words to have *something else* do it for me?
(And yes, I had a very similar question to this in January. Very similar devices, too. Not exactly the same, though. And that time, I just let Apache listen on 444 instead of bothering with fixing it, which is not an option, here.)
EDIT: The correct answer here is "rinetd"
10 seconds to install, 10 seconds to edit the config file with the port and IP I want forwarded, and BANG, everything works perfectly.
This is the kind of solution I really love.