LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 12-10-2008, 11:58 PM   #1
noir911
Member
 
Registered: Apr 2004
Location: Baltimore, MD
Posts: 681

Rep: Reputation: Disabled
redirect traffic from restricted network


I have a restricted network segment where people connect via DHCP and they can only go to one internal website (www.nms.org). I was wondering if it is possible that if they type any other website address (eg. www.slashdot.org) their traffic will be redirected to the internal website (www.nms.org). At the moment if they type any other website address, their browser gets timed-out.

The internal website server acts as their DHCP, DNS forwarder (so they can resolve the name www.nms.org), and web.

I have configured my router such that any IP address from the restricted network segment should only be allowed to the IP address of the internal website and deny all other traffic.

Thanks for any suggestions.
 
Old 12-11-2008, 01:38 AM   #2
kenneho
Member
 
Registered: May 2003
Location: Oslo, Norway
Distribution: Ubuntu, Red Hat Enterprise Linux
Posts: 655

Rep: Reputation: 40
Is it possible to add a default entry to DNS, so that client requests defaults to www.nms.org? Or maybe you could set up a web proxy that redirect traffic to that site.
 
Old 12-11-2008, 02:34 AM   #3
noir911
Member
 
Registered: Apr 2004
Location: Baltimore, MD
Posts: 681

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by kenneho View Post
Is it possible to add a default entry to DNS, so that client requests defaults to www.nms.org?
I think I know what you mean. But do I set this up in the primary DNS server? Or do I need to setup a separate DNS server for this network segment? What would the entry look like?

Quote:
Originally Posted by kenneho View Post
Or maybe you could set up a web proxy that redirect traffic to that site.
Does this involve setting up a 3rd box? Is this an Apache proxy? What would the configuration look like?

Thanks.
 
Old 12-11-2008, 06:31 PM   #4
NyteOwl
Member
 
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 139Reputation: 139
Perhaps the simplest would be to set the router to send all http traffic to the internal website. In this case it is easier to filter by protocol than IP. www-dot-nms-dot-org of course is an intent accessible parked page or were you just using it as an example?
 
Old 12-12-2008, 01:40 AM   #5
kenneho
Member
 
Registered: May 2003
Location: Oslo, Norway
Distribution: Ubuntu, Red Hat Enterprise Linux
Posts: 655

Rep: Reputation: 40
Quote:
Originally Posted by NyteOwl View Post
Perhaps the simplest would be to set the router to send all http traffic to the internal website. In this case it is easier to filter by protocol than IP. www-dot-nms-dot-org of course is an intent accessible parked page or were you just using it as an example?
This seems like a good alternative to me a least.
 
Old 12-12-2008, 01:43 AM   #6
kenneho
Member
 
Registered: May 2003
Location: Oslo, Norway
Distribution: Ubuntu, Red Hat Enterprise Linux
Posts: 655

Rep: Reputation: 40
Quote:
Originally Posted by noir911 View Post
I think I know what you mean. But do I set this up in the primary DNS server? Or do I need to setup a separate DNS server for this network segment? What would the entry look like?


Does this involve setting up a 3rd box? Is this an Apache proxy? What would the configuration look like?

Thanks.
I'm not very into this stuff, so I don't know how you would set this up. But if your goal is simply to redirect all http traffic to a local machine, then I'd go for the firewall setting suggested by NyteOwl.
 
Old 12-14-2008, 07:34 PM   #7
Tinker06
LQ Newbie
 
Registered: Apr 2006
Location: Poulsbo, WA
Distribution: Debian
Posts: 5

Rep: Reputation: 1
The debian package "dsniff" provides utilities, among them one called dnsspoof which could give your webserver IP address for ALL queries. The problems this might cause for access to anything else on your network not withstanding, you would also have to configure your server to provide the same documents for ALL virtual hostnames that they could be requesting. If there are virtual host name servers running on your webserver it could be a real problem to do that. Just a thought...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
redirect traffic tim_24 Linux - Networking 4 05-27-2007 11:39 PM
redirect traffic tim24 Linux - Networking 5 04-06-2006 10:45 AM
redirect traffic through apache kola Linux - Networking 7 12-11-2004 07:29 AM
Traffic redirect friki Linux - Software 2 11-04-2004 04:59 PM
Redirect traffic to internal IP? xmutex Linux - Networking 1 08-13-2001 10:29 AM


All times are GMT -5. The time now is 07:15 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration