LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 04-20-2003, 09:13 PM   #1
dmane15
LQ Newbie
 
Registered: Apr 2003
Posts: 1

Rep: Reputation: 0
Question (IPTABLES) redirect web site to a file?


Is it possible to redirect ... www.whatever.com to a file on the local drive... for example, if they went to go to this particular website, instead of the page showing in the browser, a picture saying this website is off limits would appear in the browser?????


TIA
 
Old 04-20-2003, 09:37 PM   #2
iceman47
Senior Member
 
Registered: Oct 2002
Location: Belgium
Distribution: Debian, Free/OpenBSD
Posts: 1,123

Rep: Reputation: 47
sure, if you own the domain name and configure apache so it shows that picture upon connection.
 
Old 04-20-2003, 09:37 PM   #3
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
index.html in the DocumentRoot of the VirtualHost

the index.html file can contain a picture or whatever message you want
 
Old 04-21-2003, 01:21 AM   #4
jdc2048
Member
 
Registered: Jul 2002
Location: Ohio, USA
Distribution: Redhat, Gentoo, Solaris, HP-UX, etc...
Posts: 391

Rep: Reputation: 30
Do I read this right, as you are trying to control outbound connections to external (banned) websites? Like proxying or a net-nanny thing, keeping the kids from looking at nasty things?

The answers so far have been for incoming connections to a website that you host.

I don't know if "linux-newbs" is the right forum for this kinda question. You may want to get it moved to "linux-security". (don't double-post, just ask the moderator to move it).

Last edited by jdc2048; 04-21-2003 at 01:22 AM.
 
Old 04-21-2003, 01:43 AM   #5
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
Oh I see what your saying now!
I think

try something like dans guardian or squidguard

Last edited by DavidPhillips; 04-21-2003 at 01:47 AM.
 
Old 04-21-2003, 10:52 AM   #6
Robert0380
Guru
 
Registered: Apr 2002
Location: Atlanta
Distribution: Gentoo
Posts: 1,280

Rep: Reputation: 47
you could do this with iptables easily, let's say you dont want computers on your network to access whatever.com, i'd do an nslookup on whatever.com and lets say the ip of whatever.com is 1.2.3.4, here is what your iptable rule could look like:

iptables -t nat PREROUTING -d 1.2.3.4 -p tcp --dport 80 -j DNAT --to-destination 192.168.x.x

this will forward any incomming packets that are bound for 1.2.3.4 to 192.168.x.x ,if you have a web server running on 192.168.x.x then you can display whatever you want. if im wrong, someone correct me
 
Old 04-21-2003, 12:19 PM   #7
DavidPhillips
Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,154

Rep: Reputation: 56
that looks right,

This could grow very big and be somewhat intensive unless you are just blocking the one, or a few sites.

squidguard or dans guardian will block sites based on name, or content. without adding each site manually.
 
Old 04-21-2003, 01:09 PM   #8
MasterC
Guru
 
Registered: Mar 2002
Location: Salt Lake City, UT - USA
Distribution: Gentoo ; LFS ; Kubuntu
Posts: 12,612

Rep: Reputation: 64
The only hole I can see to shoot in that idea is that if the IP of whatever.com is dynamic

Cool
 
Old 08-11-2008, 05:42 AM   #9
bhargavbhai
LQ Newbie
 
Registered: Jul 2008
Posts: 10

Rep: Reputation: 0
This rule is not working any idea?

Hi robert,

Quote:
Originally Posted by Robert0380 View Post

iptables -t nat PREROUTING -d 1.2.3.4 -p tcp --dport 80 -j DNAT --to-destination 192.168.x.x

this will forward any incoming packets that are bound for 1.2.3.4 to 192.168.x.x ,if you have a web server running on 192.168.x.x then you can display whatever you want.

I have tried this rule but not able to run this command with argument PREROUTING and --dport.
I am getting error like this
Bad argument `PREROUTING'
Try `iptables -h' or 'iptables --help' for more information.

and plz also specify me that how ant I flush this rule if applied then.

I want to redirect mail.google.com to mail.aspl.in in my network.

Thanx in advance......

Last edited by bhargavbhai; 08-11-2008 at 05:44 AM. Reason: some corrections
 
Old 08-11-2008, 05:53 AM   #10
jomen
Senior Member
 
Registered: May 2004
Location: Leipzig/Germany
Distribution: Arch
Posts: 1,684

Rep: Reputation: 54
append "-I" (or "-A") before PREROUTING
like:
iptables -t nat -I PREROUTING -d 1.2.3.4 -p tcp --dport 80 -j DNAT --to-destination 192.168.x.x
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables DNAT redirect to web server problem mitzadej Linux - Networking 6 11-27-2005 10:59 AM
iptables redirect patvrs Linux - Networking 15 08-02-2005 08:31 AM
no trailing slash -> apache redirect to microsoft site? SerfurJ Linux - Software 6 03-15-2005 06:25 AM
File permissions for web site files/folders mackayr Linux - Networking 1 12-01-2004 11:49 AM
iptables redirect slack Linux - Networking 0 06-17-2002 04:04 AM


All times are GMT -5. The time now is 11:32 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration