Quote:
Originally Posted by sholah
ledow,
I guess u missed the part that says my setup is working perfectly. If u know u dont have the answer to my question, u should have kept ur opinion to ur self.
|
Ignoring the absolute arrogance, no I didn't miss this. Your bridge is working properly, but you asked a question:
Quote:
Originally Posted by sholah
Does anyone know the iptables rule that will permit the redirection of IP traffic to other web pages on the web server (apart from the index page) of the linux box.
|
which the ENTIRETY of my post refers to. You can redirect IP traffic to any IP/port that you like but you cannot redirect IP traffic to a different *web page*, they are two seperate things. By web page you are implying full URL (e.g.
http://localserver/directory/file.html) which you can't do without modifying the HTTP packets themselves (which operate on an entirely seperate layer to the IP packets... thus IP redirection isn't the same thing AT ALL).
I can point FTP packets at port 80 on 1.1.1.1 or POP3 packets at port 0 on 192.168.10.1, it makes no difference to the actual *protocol*. The protocol that you are using here (HTTP) is not affected by iptables rules... it just ends up going to a different IP/port, NOT a different webpage (i.e. URL, which is specified *within* the HTTP packets). In order to redirect traffic to a different *webpage*, you need to do some serious layer violations (e.g. using string matching on packets), configure your HTTP server accordingly or you need to use an intermediate proxy (in your case a transparent one, most probably) such as squid - NONE of which involves iptables or bridges at all... because I saw that you already had that part set up.
I was actually trying to help you, and to help understand what you were actually asking for and to point you in the right direction. But as far as I'm concerned, you can sod right off now. That's probably why no one else bothered to post after me, either.
P.S. I do this for a living and set up machines to do exactly this thing dozens of times a year, with full HTTP redirection based on a myriad of criteria (e.g. if your MAC/IP isn't recognised, you go to one page on a HTTP server, if your MAC/IP is blocked you go to another, if your MAC/IP is allowed you get full, transparent Internet access etc., if your MAC/IP belongs to a certain room within a school, you get filtered Internet access, all through the same single machine. I was in the middle of cleaning up the scripts I use to do this to add on this post when I read your reply and then thought... bugger it.