|
|
Sponsored Content
Special Forums
IP Networking
iptables allow access to one site
Post 302892523 by tarun_nix on Thursday 13th of March 2014 09:39:19 AM
03-13-2014
|
|
9 More Discussions You Might Find Interesting
1. IP Networking
Setup a site to site VPN between two cisco routers.
One of the site locations is unable to access ports such as https://example.com:9001
How do I let them go into port 9001?
They can ssh, ftp, telnet and everything else.
Is this a VPN issue or ACL access issue?
I put
permit ip host... (0 Replies)
Discussion started by: photon
0 Replies
2. Shell Programming and Scripting
Hello every one,
I have a little issue that has been killing me now for the past couple of days, I have tried to find solutions online, but its been hard to, ok here it goes...
I have created a site that is based on amount of user that have access at a time, based on cookie. So if the browser... (1 Reply)
Discussion started by: heman007
1 Replies
3. Shell Programming and Scripting
Hi there
I am currently trying to access an http site using the wget utility from a solaris box. I am going through proxies to do this and we have two types of proxies.
For the first one, which is a netcache proxy, I am able to use the wget command to export the proxy information
export... (2 Replies)
Discussion started by: memonks
2 Replies
4. Programming
I’m using the below snipped for setting the certificate and key for client authentication.
curl_easy_setopt(curl,CURLOPT_SSLCERT,"clientCert.pem");
curl_easy_setopt(curl,CURLOPT_SSLCERTPASSWD,"changeit");
curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM"); ... (2 Replies)
Discussion started by: old_as_a_fossil
2 Replies
5. Solaris
Hi,
We are using a java application (Java 6 , Using JAX-WS 2.0 to Create a Simple Web Service) that accesses SharePoint API through web services. We were able to get the data in windows and do all operations the API allows.
When we deploy this application on UNIX environment (Solaris 10)... (0 Replies)
Discussion started by: johninweb
0 Replies
6. UNIX for Advanced & Expert Users
Can someone please give me the conf file line to allow access to myexample.com and only that site, and only through http and https?
So far I have only that site accessible via http, but all https sites are opened.
Squid 3.1 on Cent 6
---------- Post updated at 12:06 PM ---------- Previous... (0 Replies)
Discussion started by: glev2005
0 Replies
7. IP Networking
Q: "Does Cisco 1921 router support,, act as an endpoint for, site to site VPNs using IPSec? If so, how many? "
A: If you get the Cisco 1921/k9 with the security services bundle then it will have built in security features. Cisco, typically includes IP Sec tunnels I believe as part of that... (0 Replies)
Discussion started by: Ayaerlee
0 Replies
8. Cybersecurity
Hey folks,
I've setup a wifi guest network on an E2500 router running TomatoUSB, that I only want to have internet access provided for.
Did this by creating a separate bridge (br1), then putting it in it's own VLAN, created a virtual wifi interface, then set some firewall rules to isolate... (0 Replies)
Discussion started by: mcaramb
0 Replies
9. Post Here to Contact Site Administrators and Moderators
Hello MODs/Admins,
Could you please help me here as from last 6 to 7 days I(and checked with my fellow friends too) am not able to access unix.com site at all. It is very very slow, it never loads completely. Even I checked with different people and different computers it results same only,... (8 Replies)
Discussion started by: RavinderSingh13
8 Replies
LEARN ABOUT FREEBSD
tftp-proxy
TFTP-PROXY(8) BSD System Manager's Manual TFTP-PROXY(8) NAME
tftp-proxy -- Internet Trivial File Transfer Protocol proxy SYNOPSIS
tftp-proxy [-v] [-w transwait] DESCRIPTION
tftp-proxy is a proxy for the Internet Trivial File Transfer Protocol invoked by the inetd(8) internet server. TFTP connections should be redirected to the proxy using the pf(4) rdr command, after which the proxy connects to the server on behalf of the client. The proxy establishes a pf(4) rdr rule using the anchor facility to rewrite packets between the client and the server. Once the rule is established, tftp-proxy forwards the initial request from the client to the server to begin the transfer. After transwait seconds, the pf(4) NAT state is assumed to have been established and the rdr rule is deleted and the program exits. Once the transfer between the client and the server is completed, the NAT state will naturally expire. Assuming the TFTP command request is from $client to $server, the proxy connected to the server using the $proxy source address, and $port is negotiated, tftp-proxy adds the following rule to the anchor: rdr proto udp from $server to $proxy port $port -> $client The options are as follows: -v Log the connection and request information to syslogd(8). -w transwait Number of seconds to wait for the data transmission to begin before removing the pf(4) rdr rule. The default is 2 seconds. CONFIGURATION
To make use of the proxy, pf.conf(5) needs the following rules. The anchors are mandatory. Adjust the rules as needed for your configura- tion. In the NAT section: nat on $ext_if from $int_if -> ($ext_if:0) no nat on $ext_if to port tftp rdr-anchor "tftp-proxy/*" rdr on $int_if proto udp from $lan to any port tftp -> 127.0.0.1 port 6969 In the filter section, an anchor must be added to hold the pass rules: anchor "tftp-proxy/*" inetd(8) must be configured to spawn the proxy on the port that packets are being forwarded to by pf(4). An example inetd.conf(5) entry fol- lows: 127.0.0.1:6969 dgram udp wait root /usr/libexec/tftp-proxy tftp-proxy SEE ALSO
tftp(1), pf(4), pf.conf(5), ftp-proxy(8), inetd(8), syslogd(8), tftpd(8) CAVEATS
tftp-proxy chroots to /var/empty and changes to user ``proxy'' to drop privileges. BSD
November 28, 2005 BSD