10/17 Is there a really easy way to forward all port 80 packets to another
machine? I want to migrate my web (but not mail/smtp/etc) packets to
a new machine. I don't want any sort of HTTP redirects because I want
the transition to be "seemless". Does my question even make sense?
\_ seamless
\_ Any firewall software can do this. Or you can point the DNS
name at your new web server and use MX'es to keep the mail on
the existing server. Or use mod_rewrite. -tom
\- writing a generic "port forwarder" to listen on localhost:tcp/###
and fwd that to A.B.C.D:### is pretty straightforward programming
exercise. in fact it is possible ssh can do it for you. i have a
tool i suppose i can send you which forwarded the pop protocol
but it should work for WEEB by just changing the port number.
[all WEEB is tcp, right?]. i seem to remember after looking at a
breakin there was some crackerware to do this too. --psb
\_ are you calling nc "crackerware"?
\_ This is what I was going to do. Either this or just use ssh to
do the forwarding until I complete the migration. But I was
hoping that someone had already written something (or gotten
netcat to work as such) so that I don't reinvent the wheel...
and don't have to worry about implementing error handling and
so forth.
\_ DNS! Why does no one use DNS for this stuff? The world wasn't
meant to be hard coded IPs. They made DNS for a reason. You don't
need clunky firewall kludges if you made proper use of DNS. You
wannabe sysadmins are getting more dangerous by the day. Please
tell me this isn't a commercial site.
\_ because dns won't forward port 80 packets. DNS will send all
packets to that hostname elsewhere. This is why a smart admin
will point several names at the same host, each name for each
service on the host, and then they can move the ip in the name
for that service without affecting the other services. I.e.
csua www service is 'www.csua', not 'soda.csua' (even those two
names point to the same IP), so we can move www service if
necessary without screwing other services.
If you weren't so smart, firewall-NAT /packet forwarding/
is your only option. -ERic
\_ Thank you for the description of "proper use of DNS" as
mentioned above. Anyone who doesn't know that DNS doesn't
forward packets needs to give up the root shell.
\_ DNS switches are not "seemless". Even if you have your TTL set
properly, there is a whole world of improperly set up DNS servers
(and Microsoft DNS clients that mad-cache) that will not get updated
the instant you want them to. (Of course, just leaving the
service up at site 1 for a while is probably better than port
forwarding everything with good ol' nc.) -The SysAdmin
\_ Gosh, you mean you actually figured out how to do a seamless
service migration with DNS? Wow. That was hard, huh?
\_ 1) You are a dumbass, as everyone else already pointed out.
2) Even if what you said were correct (which it isn't), have you
considered the possibility that some people might be hard-
coding the IP's?
\_ 1) No one said any such thing. Learn to read.
2) It's correct and anyone who hard coded the IP's is a total
moron at step zero and shouldn't have root which was
already addressed earlier. If you could read, you'd have
read that, too.
3) Learn to read. Thanks.
\_ [ inane baiting deleted. ]
\_ OP here. Here's my solution:
www stream tcp nowait nobody /usr/local/bin/nc nc my.remote.host 80
I'm reposting my solution for the third time:
tcpserver 0 80 nc ncc 80
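
The generic TCP port forwarder psb describes, with the error handling the OP did not want to write, as an added Python example that is not code from any poster in this thread. The listen port and target address are constructed placeholders (192.0.2.10 is a documentation address).

```python
import socket
import threading

def pump(src, dst):
    """Copy bytes src -> dst until EOF or error, then half-close dst."""
    try:
        while True:
            data = src.recv(65536)
            if not data:
                break
            dst.sendall(data)
    except OSError:
        pass  # peer reset, or socket already closed by the other direction
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)  # pass EOF on, keep the reverse path open
        except OSError:
            pass

def handle(client, target):
    """Relay one client connection to target, in both directions."""
    try:
        upstream = socket.create_connection(target, timeout=10)
    except OSError:
        client.close()  # new host unreachable: drop the client instead of hanging it
        return
    upstream.settimeout(None)  # the timeout applied to connect only
    back = threading.Thread(target=pump, args=(upstream, client), daemon=True)
    back.start()
    pump(client, upstream)
    back.join()
    client.close()
    upstream.close()

def serve(listen_addr, target):
    """Start relaying in background threads; returns the listening socket."""
    lsock = socket.create_server(listen_addr)
    def accept_loop():
        while True:
            try:
                client, _ = lsock.accept()
            except OSError:
                return  # listener was closed
            threading.Thread(target=handle, args=(client, target), daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return lsock

if __name__ == "__main__":
    serve(("0.0.0.0", 8080), ("192.0.2.10", 80))  # constructed placeholder addresses
    threading.Event().wait()  # run until interrupted
```

The new host sees every connection as coming from the relay's address, so its access logs and any IP-based access rules lose the real client IP for as long as the relay is in place.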