[Gloucs] mount
Richard Mellersh
gloucs at mailman.lug.org.uk
Sat May 24 11:33:01 2003
On Saturday 24 May 2003 2:13 am, Steve Searle wrote:
> Around 10:20pm on Friday, May 23, 2003 (UK time), Richard Mellersh=20
scrawled:
> > Admittedly I only just added www to /etc/exports - is there
> > something I should do to perhaps "enable" the share?
>
> service nfs restart
>
> > Also is there a simple way to prevent httpd getting in the way of
> > "NAT"ing from other boxes - no matter what url I use on other
> > boxes all I get dished up is the pages that Apache serves.
>
> You may want to explain this in more detail - I don't follow what
> you mean. Or it may be the bottle of red I've had tonight :-)
>
> Cheers
>
> Steve
OK!
Here it is.
I have two systems running apache - old & new - they both have an isdn=20
adapter installed and working, one on each channel of the BT Home=20
Highway installation and only one can connect at one time (my isp=20
does not support two connections and anyway BT would want commercial=20
rates).
`old' has my experimantal web pages (let's call it "bct"). I have a=20
fixed ip address issued by my isp AND they host some web pages. On=20
one of those pages is a link (dotted 4) back to my ip address and=20
apache serves up `bct' when the link is clicked (obviously it is only=20
when "online").
The old system is only a P-1-200 and has to go!
The new system has apache running and some default Mandrake pages in=20
/var/www. I wish to transfer all of the functionality of `old' to=20
`new' prior to shutting down the old system.
Now to the problem.
=46rom within my network when any system (I have about 4) runs a web=20
browser (configured to use the ip of `old' as a proxy) and selects=20
ANY URL, the only web page delivered is "bct". I have tried all the=20
rules and settings that I can dream of in RH's firewall configuration=20
and none make any difference to the pages delivered. Using "tcpdump"=20
I can see the requests going out but no pages coming back. In other=20
words Apache is getting in the way of forwarding (NAT).
Having now got the new system running, if I change the "proxy" setting=20
in a web browser on any internal system to the ip of the new system=20
the same thing happens - I get the default web pages that Apache on=20
the new system is managing in `/var/www' - BUT:-
The firewall configuration in Mandrake is very different to RH and as=20
a result I have learned a cople of things:
1. Even though the RH firewall has settings for forwarding (NAT) they=20
don't work.
2. The Mandrake system (new) has no such settings in its firewall=20
configuration.
3. The conclusion I came to is that `firewalling' is only that!! I=20
allows or prevents ip accesses in either direction, it does NOT do=20
any redirection.
4. There must be some other program that takes over this task? (I=20
hesitate to mention some of the alternative that I have read about -=20
squid amongst them - for fear of pre-empting any answers I may get!
5. I occurs to me that Apache SHOULD be able to distinguish requests=20
for its own pages from requests for pages in the outside world (www)=20
by some kind of mechanism (DNS perhaps)
Am I asking too much of linux?
Should I have one system for firewalling and NAT and a differnt system=20
(internal) for hosting my experiments?
One further `desirable' element would be to allow any internal system=20
to retreive e-mail directly via the `new' systems isdn link IF it is=20
evening OR weekend (no extra charges with "Surftime")
AND
If I've been "on-line" during the day working or whatever, mail is=20
retrieved, stored and delivered wherever/whenever the recipient is=20
logged on.
Sorry to be quite so `verbose' but you did ask?
Any help please?
RM
PS My Brother lives in Gloucester (Hardwick) and should the lug be=20
having a meeting or any memeber wishes a get together I would be=20
delighted to combine it with a vist to my bro..