| View previous topic :: View next topic |
| Author |
Message |
Cr0t
l33t
Joined: 27 Apr 2002
Posts: 945
Location: USA
|
 Posted: Fri Oct 17, 2003 10:14 pm Post subject: Force First HTML Page |
 |
|
I need two things
- Everytime somebody gets an IP address and wants to go online I wana force him to go to a Special StartHomePage
- If my connection to the INET is down I want that my Router checks if the Line is down or not. If the line is down I want my Router to force all the users to go to a local Page.
I have a couple of ideas but maybe somebody did that before and can give me some tips
_________________
cya |
|
| Back to top |
|
 |
hbmartin
Guru
Joined: 12 Sep 2003
Posts: 386
Location: Home is where the boxen are
|
| Posted: Sat Oct 18, 2003 3:00 am Post subject: |
|
|
You really need to post more details on what hardware you're using and your current setup.
You could probably set something up to catch all port 80 requests and reroute them (to some local Apache server) if INET is down.
Not sure about getting an intial page though, that would be harder.
Harold |
|
| Back to top |
|
|
Cr0t
l33t
Joined: 27 Apr 2002
Posts: 945
Location: USA
|
| Posted: Tue Oct 21, 2003 1:59 am Post subject: |
|
|
My Router
- 233MHz Intel Penium MMX
- 96MB SDRAM
- 3.9 GB RAID 1
- 232MB SWAP
- 2x 3com 3c905
My IPTables Routing script...
| Code: |
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_ftp
modprobe ip_nat_irc
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/tcp_ecn
iptables -t nat -F -v
iptables -F -v
iptables -A INPUT -i lo -j ACCEPT -v
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE -v
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu -v
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -v
iptables -A INPUT -p tcp --dport 21 -j ACCEPT -v
iptables -A INPUT -p tcp --dport 22 -j ACCEPT -v
iptables -A INPUT -p tcp --dport 80 -j ACCEPT -v
iptables -A INPUT -p tcp --dport 161 -j ACCEPT -v
iptables -A INPUT -p tcp --dport 9999 -j ACCEPT -v
iptables -A INPUT -p tcp --dport 25 -j ACCEPT -v
iptables -A FORWARD -p tcp --dport 25 -j ACCEPT -v
iptables -A OUTPUT -p tcp --dport 25 -j ACCEPT -v
iptables -A INPUT -p udp -i eth1 -s 192.168.1.0/24 --dport 67 -j ACCEPT -v
iptables -A INPUT -p tcp -i eth1 -s 192.168.1.0/24 --dport 67 -j ACCEPT -v
iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 8080 -j DNAT --to-destination 192.168.1.2:80
iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 8181 -j DNAT --to-destination 192.168.1.3:80
iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 2121 -j DNAT --to-destination 192.168.1.2:21
iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 2222 -j DNAT --to-destination 192.168.1.2:22
iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 2323 -j DNAT --to-destination 192.168.1.3:22
iptables -A INPUT -p tcp --syn -j DROP -v
iptables -P INPUT DROP -v
iptables -A INPUT -p udp --dport 135 -j REJECT -v
iptables -A INPUT -p udp --dport 137 -j REJECT -v
iptables -A INPUT -p udp --dport 138 -j REJECT -v
iptables -A INPUT -p tcp --syn --dport 139 -j REJECT -v
iptables -A INPUT -p tcp --dport 445 -j REJECT -v
iptables -A INPUT -p udp --dport 445 -j REJECT -v
iptables -A FORWARD -p udp --dport 135 -j REJECT -v
iptables -A FORWARD -p udp --dport 137 -j REJECT -v
iptables -A FORWARD -p udp --dport 138 -j REJECT -v
iptables -A FORWARD -p tcp --syn --dport 139 -j REJECT -v
iptables -A FORWARD -p tcp --dport 445 -j REJECT -v
iptables -A FORWARD -p udp --dport 445 -j REJECT -v
iptables -A OUTPUT -p udp --dport 135 -j REJECT -v
iptables -A OUTPUT -p udp --dport 137 -j REJECT -v
iptables -A OUTPUT -p udp --dport 138 -j REJECT -v
iptables -A OUTPUT -p tcp --syn --dport 139 -j REJECT -v
iptables -A OUTPUT -p tcp --dport 445 -j REJECT -v
iptables -A OUTPUT -p udp --dport 445 -j REJECT -v
iptables -A INPUT -i eth0 -j LOG
iptables -A INPUT -i eth1 -j LOG
|
I am guessing what I could do pining every once in a while to see if my connection is up. The problem is I do not know how to force each client to go to a special HomePage.
Well I have kinda one idea. I could start using a proxy which tells each client where to go. But as soon as my Router finds out that the target is out I should have a separate config file which tells the client where to go. And theeeeeeeeen they should see what's up.
Just an idea I am still developing ideas...
_________________
cya |
|
| Back to top |
|
|
ClausH
n00b
Joined: 03 Aug 2003
Posts: 58
Location: Herning, denmark
|
| Posted: Wed Oct 22, 2003 7:40 pm Post subject: |
|
|
I would like to know something about this as well.
Today we lost the internet connection to our campus router, and we got a lot of phone calls concerning this. So it would be nice to put up a local page, and reroute all traffic to this (preferably to the local machine doing the routing) it would save us a lut of time.
The router is masquerading using iptables, and bandwith limiting using cbq.
Mvh Claus Holmgaard |
|
| Back to top |
|
|
|
Networking & Security
