[Gllug] local DNS with smoothwall or IPcop?

Simon A. Boggis simon at dcs.qmul.ac.uk
Wed Nov 13 13:34:55 UTC 2002


On Wed, 2002-11-13 at 14:10, Steve Nicholson wrote:
> Sometimes I have the requirement to test a domain on a development website in my local network
> e.g. yoursolutions.com where the domain already exists and is resolved
> to an external IP.  Is there a way I can add this domain to my router
> (using smoothwall at the moment) to temporarily resolve to an internal
> address and point it to my development box?  This way I can test
> features that require the domain name in the URL without having to
> upload changes to production site and worry about screwing it up.  I
> don't really want to set up my own bind for this.

If you are in control of the external gateway (sounds like you are)
then you can redirect traffic bound for the external site to an internal
machine. This is covered in detail in some of the netfilter HOWTOs, but
a quick summary:

Suppose the external site has address 1.2.3.4 and the internal machine
which will run your "test" service is 5.6.7.8.

To redirect only http traffic from 1.2.3.4 to 5.6.7.8:

iptables -t nat -I PREROUTING 1 -p tcp -d 1.2.3.4 --dport 80 -j DNAT \
  --to-destination 5.6.7.8

If you want this to work for machines on the same subnet as 5.6.7.8 you
must also make all packets going to 5.6.7.8 look like they came from the
gateway - this requires a source nat to an address on the gateway.

Suppose the gateway's internal address is 5.6.7.254:

iptables -t nat -I POSTROUTING 1 -p tcp -d 5.6.7.8 --dport 80 -j SNAT \
  --to-source 5.6.7.254

If you want to redirect all traffic remove the "--dport 80".

If you want to only redirect for one local test machine you could insert
a "-s machines-ip-addr" in each rule.

Note that I am inserting the above rules first in each chain - this
might not fit in with whatever else you are doing there.

Hope that helps,

Simon

-- 
----------------------------------------------------------------------
Dr Simon A. Boggis                                  Systems Programmer
Department of Computer Science,                     Tel. 020 7882 7522
Queen Mary, University of London, London E1 4NS UK. 
---- GPG public key <http://www.dcs.qmul.ac.uk/~simon/#publickey> ----


-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
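
Added example (not part of the original message): a small wrapper that builds the DNAT/SNAT pair described above together with the matching delete commands, so a temporary redirect can be removed exactly as it was inserted. The addresses are the post's placeholder values; LAN_NET, the APPLY switch and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Prints the commands by default;
# set APPLY=1 (as root on the gateway) to execute them.
EXT_IP=1.2.3.4       # external site (post's placeholder)
DEV_IP=5.6.7.8       # internal test machine (post's placeholder)
GW_IP=5.6.7.254      # gateway's internal address (post's placeholder)
LAN_NET=5.6.7.0/24   # assumed internal subnet, not stated in the post
PORT=80

# Accept only dotted-quad addresses so nothing else reaches a root command line.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

# Execute the command when APPLY=1, otherwise print it (dry run).
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi; }

# redirect add|del [client-ip]
#   add inserts both rules first in their chains, del removes the same rules.
#   client-ip limits the redirect to one test machine (the post's "-s" option).
redirect() {
    case $1 in
        add) pre="-I PREROUTING 1"; post="-I POSTROUTING 1" ;;
        del) pre="-D PREROUTING";   post="-D POSTROUTING" ;;
        *)   echo "usage: redirect add|del [client-ip]" >&2; return 2 ;;
    esac
    dsrc=""                # DNAT: any client, as in the post
    ssrc="-s $LAN_NET"     # SNAT: same-subnet clients only (assumption), so
                           # other clients keep their real address in the logs
    if [ -n "$2" ]; then
        is_ipv4 "$2" || { echo "bad client address: $2" >&2; return 2; }
        dsrc="-s $2"; ssrc="-s $2"
    fi
    # $pre, $post, $dsrc and $ssrc are unquoted on purpose: they must split
    # into separate iptables arguments.
    run iptables -t nat $pre $dsrc -p tcp -d "$EXT_IP" --dport "$PORT" \
        -j DNAT --to-destination "$DEV_IP"
    run iptables -t nat $post $ssrc -p tcp -d "$DEV_IP" --dport "$PORT" \
        -j SNAT --to-source "$GW_IP"
}

# When run as a script: ./redirect.sh add 5.6.7.20  /  ./redirect.sh del 5.6.7.20
if [ $# -gt 0 ]; then redirect "$@"; fi
```

The del form only matches if it is called with the same client address that was used for add.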



