Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I have a CentOS5 server with a NIC attached to our administrative LAN. This server is basically invisible on the admin network and serves as a gateway to a highly restricted subnet. It has no ports open, does not respond to ping, etc. Completely stealth. I need a public drop box on another computer for users to place files needed by this server. I have Samba shares available on the admin LAN.
What I want to do is have the stealth box monitor the public drop box folder. When a file is placed in the folder, the stealth server must retrieve the file, then delete it from the public folder. I cannot mount the folder on the stealth server, that would defeat the stealthiness.
I have thought of using a cron job with scp or wget or something. But that poses a couple of problems for me. First, I don't know how it would delete the file in the remote folder. Plus, I need a fairly fast response time, so the cron job would have to run every minute. My problem with that is the file transfer time. In the case of large files, the cron job will restart the copy script before the first one is done. Ultimately, I get a bunch of transfer scripts going, all trying to transfer the same file, until things start to lock up.
One thought I had was for the public folder to detect a new file and issue a UDP or other one-way broadcast, which the stealth server could listen for but not reply or respond to. That could trigger the transfer script to process the file. I'm just not smart enough to set that up.
Any and all ideas, questions, or comments appreciated.
i'm not sure i totally follow the issues of mounting being a security risk. i would probably look to do an scp with preshared keys and if you feel that the copy job would take too long i would just look to either use some form of flag file to lock the script out, or just check for an scp process in the output of ps or similar to look for before starting the copy. in fact why not just see if a file is already in the local location, even partly. that would be fairly clean if you then delete the remote file before returning your attention to the local file. back on the mounting side, you could make things simpler with scp if you were to replace the scp command itself with an sshfs mount and then just mv files as if they were local.