| View previous topic :: View next topic |
| Author |
Message |
cajzell
Apprentice
Joined: 07 Jan 2004
Posts: 176
Location: Falkenberg, Sweden
|
 Posted: Sat Aug 06, 2005 1:32 pm Post subject: Home server security |
 |
|
Hello,
I have a server for my LAN at home where family members can write to our calendar, upload pictures to our gallery, and similar stuff. This is only for our computers at home, but I thought I might also make it possible to e.g. make it possible for a friend to see the gallery, or maybe alter the calendar when visiting someone (whose IP I know). I thought then I might redirect port 80 to the particular server on the NAT, use iptables to make a simple rule on the server where incoming traffic is only allowed for a few "friendly" IP's I know and I have a few questions related to that:
1. Is this advisable at all?
2. How should such an iptables rule look? |
|
| Back to top |
|
 |
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Sat Aug 06, 2005 8:06 pm Post subject: |
|
|
1. If your apache config is reasonably secure, why not? Only about 60% of the world's websites run it 
2. iptables -t nat -A PREROUTING -p tcp -i $EXT_IF -dport 80 -j REDIRECT --to $WEB_SERVER
Something like that, anyway; add specific -source addresses if you want to limit connections (although that is beter done on the INPUT chain.)
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
