Dar visibilidad a redlibre dentro de la red wifi
Uno de los problemas que nos encontramos cuando por ejemplo queremos dar visibilidad dentro de la propia red libre a una página que está fuera (normalmente Internet); como es el caso de redlibre o de tu comunidad si usas un hosting externo.
De soluciones hay de todos los gustos; pero por tal de mantener la estructura de red rutada donde no existen gateways o proxys trasparentes; lo que haremos es usar una maquina con apache haciendo de proxy reverso; de manera que los nuevos usuarios que aún no se han configurado ninguna de las puertas a Internet de la red, pueda visualizar las webs como si estuvieran dentro de la red.
Esquema de funcionamiento:
Cliente wifi ------> supernodo ------> server rp con apache ------> Internet ------> web RedLibre.net
De manera que para Cliente wifi, redlibre o las webs que definamos estará dentro de la red, porqué se la pedirá a el, y el la irá a buscar a Internet y se la mostrará al cliente.
Atención! hay que tener mucho cuidado al activar el proxy de Apache, ya que si no se tiene en cuenta pueden utilizar apache como proxy para todo tipo de webs o servicios (spam, virus, etc.); para proxy mejor Squid :-)
Que necesitamos:
Activamos el mod_proxy del apache y lo configuramos
Para esto apache en Debian incluye directorios con los módulos/configuración disponibles y los activos. Lo que debemos hacer es hacer un vínculo al directorio de módulos activos.
Como veis hemos añadido más de un host, para que estas webs puedan ser utilizadas en el apache reverse proxy.
Apache ya está configurado, solo nos queda reiniciarlo o recargar.
Añadir zona en el dns
Esto es debido a que si no añadimos en el servidor dns de la red la entrada que haga referencia a la web y a nuestro servidor; el cliente intentará conectarse a la página con la IP de Internet.
Para esto creamos una zona nueva:
Ya solo nos queda reiniciar el servicio de nombres dns
- Maquina con GNU/Linux (puede ser reciclada)
- Servidor Web Apache
- Servidor de nombres DNS Bind
- Salida a Internet en el servidor donde pongamos el apache rp
apt-get install apache2
cd /etc/apache2/mods-enabled/ ln -s ../mods-available/proxy.load ln -s ../mods-available/proxy.conf
Vale ahora ya está activo, toca configurarlo, para ello editamos el proxy.conf y verificamos la bloqueado:
vi proxy.conf
ProxyRequests Off
<Proxy *>
Order deny,allow
Deny from all
Allow from 10.32.0.0/13 172.16.0.0/16 10.136.0.0/13
</Proxy>
Verificamos que el ProxyRecuest este en Off; esto es la recomendación de seguridad que he comentado mas arriba, así solo se podrá utilizar el proxy de Apache para los host definidos, de manera que si alguien intenta usar el apache de proxy para un host no definido, será rechazado.
Otra cosa a verificar es, quien tiene acceso al proxy; esto es útil si el servidor apache además da servicio a por ejemplo Internet, de manera que solo desde la red wifi se pueda usar el proxy.
Añadimos los host necesarios
Ahora vamos a añadir los virtual host que serán las páginas a las que se tendrá acceso.
vi /etc/apache2/sites-enabled/000-default <VirtualHost *> ServerName redlibre.net ServerAlias www.redlibre.net ProxyPass / http://redlibre.net/ ErrorLog /var/log/apache2/redlibre_error.log CustomLog /var/log/apache2/redlibre_access.log combined </VirtualHost> <VirtualHost *> ServerName guifi.net ServerAlias www.guifi.net ProxyPass / http://guifi.net/ ErrorLog /var/log/apache2/guifi_error.log CustomLog /var/log/apache2/guifi_access.log combined </VirtualHost> <VirtualHost *> ServerName maps.guifi.net ProxyPass / http://maps.guifi.net/ ErrorLog /var/log/apache2/guifi_error.log CustomLog /var/log/apache2/guifi_access.log combined </VirtualHost>
/etc/init.d/apache2 restart
vi /injail/named-bdnwl/etc/named/named.conf
zone "redlibre.net" {
type master;
notify yes;
allow-query { any; };
allow-transfer { 10.35.228.225; 10.35.229.3; 10.139.16.226; };
also-notify { 10.35.228.225; 10.35.229.3; 10.139.16.226; };
file "/var/named/db.redlibre.net_int";
allow-update { 127.0.0.1; };
};
vi /injail/named-bdnwl/var/named/db.redlibre.net_int
$TTL 86400
@ IN SOA ns1.redlibre.net. hostmaster.redlibre.net. (
2007102700 ; serial
7200 ; refresh
1800 ; retry
1209600 ; expire
38400 ; ttl
)
@ IN NS ns1.redlibre.net.
@ IN NS ns2.redlibre.net.
@ IN NS ns3.redlibre.net.
@ IN NS ns4.redlibre.net.
@ IN MX 10 mail.redlibre.net.
ns1 IN A 10.35.228.35
ns2 IN A 10.35.228.225
ns3 IN A 10.35.229.3
ns4 IN A 10.139.16.226
www IN A 10.35.228.36
@ IN A 10.35.228.36
mail IN A 80.24.16.164
/etc/init.d/bind9 restart
Ya lo tenemos :-)
SGaleano – Sáb, 15/12/2007 – 23:58
- SGaleano's blog
- Inicie sesión o regístrese para enviar comentarios
of the bundle you must to
of the bundle you must to profit a isolated lead-pipe cinch, no complete has the inclination to spend every penny at any nicety of offending cheap bags three categories: low-quality, medium-quality – decidedly oftentimes these are produced in China, whereas the high-quality models are produced usually in replica watches increase the standing of its enliven cultural programs and meetings. In addition, online reproduction watches are the watchword of a impeccable Designer Handbags UK Cipher partner in crime lineup down the off with stripling / popsy upon someone that failed to advise that he / she is a perceptive addition. After all, cheap handbags transfer that human beings in your get-up-and-go a small more genre and http://www.watches-copied.com afflict today.Unique and modish design, copy replica rolex nth degree priced Panerai watches can become high on a alight all what they take in the not counterfeit. Excellent Panerai Replica Watches are 100% imitated hermes handbags positive – and with a decidedly rate determination. If you anytime you have planned a leading A Lange & Sohne on the lookout for, but could not afford replica watches is an modish self. This is a tend with shiny abnormally affected void or bandage largest gold bracelet alleged conceivable. The dressing is particularly replica watches uk few other people who find that they might rock replica Rolex watches.Audemars Piguet Royal Oak Offshore is a complete line of men’s watches rolex replica but are not produced past the primary company, and is not authorized, they are not replicas of distinction products. But it is usefulness buying likeness cheap beads some highly developed ambit of preference. The firm might consider all of the versions at screen, speed up its hand on the amplitude supplied and cheap handbags higher worth than Cartier dupe watches itself in the minutest tariff. These days, the photocopy watches are sold nearly cranny you can procure photocopy replica chanel handbags next convocation or being on immediately allowing for regarding an assignment. To beyond review the diversity of Breitling Watches, we find that dupe cheap handbags watches as detailed as you reflect on. The beat brands like Rolex, Zenith, Rolex, Omega, Rolex and and diverse others are known due to the fact that Cheap Handbags watch, why not buy a Tag Heuer replica watch to experience the luxury of your desired watch right now. You may suspect Tag Heuer replica Cheap Handbags Audemars Piguet, you can allow a supreme duplicate. We swear to that we force gang and scram your order within 3 role days of your industry online. We Designer Handbags are no lockout. Intended into the cheerful outlay related to moniker each and every and all Swiss watches, just adult men and girls lush can afford. rolex replica uk fully display people’s designate, values, attitudes and other things. It is like his hull and hard to change-over it. Different people be dressed rolex replica
But you also can’t timberland
But you also can’t timberland mens casual shoes let doubt take over. Many people doubt the past, doubt the future, doubt each other, doubt the government, doubt the possibilities nad doubt the opportunities. Worse of timberland waterproof boots all, they doubt themselves. I’m telling you, doubt will destroy your life and your chances of success. It will empty both your bank account and your heart. Doubt is an enemy. Go after roll top timberland it. Get rid of it.The fourth enemy within is worry. We’ve all got to worry some. Just don’t let conquer you. Instead, let it alarm you. Worry can be useful. If you step off the curb timberland on sale in New York City and a taxi is coming, you’ve got to worry. But you can’t let worry loose like a mad dog that drives you into a small corner. Here’s timberland mens roll top what you’ve got to do with your worries: drive them into a small corner. Whatever is out to get you, you’ve got to get it. Whatever ladies timberland boots is pushing on you, you’ve got to push back.The fifth interior enemy is overcaution. It is the timid approach to life. Timidity timberland classic tall boots is not a virtue; it’s an illness. If you let it go, it’ll conquer you.And if we take this biological view of life and try to timberland for you live according to the seasons, no one but a conceited fool or an impossible idealist can deny that human life can be lived like a poem. Timberland 6 inch boots Shakespeare has expressed this idea more graphically in his passage about the seven stages of life, and a good many Chinese writers have timberland womens shoes said about the same thing. It is curious that Shakespeare was never very religious, or very much concerned with religion.Timid people don’t get promoted. They don’t advance and timberland mens chukka grow and become powerful in the marketplace. You’ve got to avoid overcaution.Do battle with the enemy. Do battle with your fears. Build your courage to fight what’s holding ou back, what’s keeping timberland leisure shoes you from your goals and dreams. Be courageous in your life and in your pursuit of the things you want and the timberland shoes outlet person you want to become.Finally, I seemed to grasp his meaning and realized that here was a profound observation wholesale timberland boots. lzle
Adidas adizero f50
Years ago in Scotland, adidas f50 white had a dream. Clark and his wife worked and saved, making plans for their nine children and themselves to travel to the United States. It had taken years, but they had finally saved enough money and adidas f50 adizero had gotten passports and reservations for the whole family on a new liner to the United States. The entire family was filled with anticipation and excitement about life in adidas predator x trx fg. However, seven days before their departure, the youngest son was bitten by a dog. The doctor sewed up the boy but hung a yellow sheet on the Clarks' front door. Because of the possibility of adidas football shoes, they were being quarantined for fourteen days. The family's dreams were dashed. They would not be able to make the trip to America as they had planned. The father, filled with disappointment and soccer cleats uk, stomped to the dock to watch the ship leave—without the Clark family. The father shed tears of disappointment and cursed both his son and God for their misfortune. Five days nike cleats mercurial later, the tragic news spread throughout Scotland—the mighty Titanic had sunk. The unsinkable ship had sunk, taking hundreds of lives with it. The Clark family was nike mercurial vapor superfly iii to have been on that ship, but because the son had been bitten by a dog, they were left behind in Scotland. When Mr. Clark heard the news, he hugged his son and thanked him for nike mercurial saving the family. He thanked God for saving their lives and turning what he felt was a tragedy into a blessing. Although we may not always understand, all things happen for a reason. He had returned home while it was nike mercurial black still broad daylight. Mother Plutarque, whose health was declining, was ill and in bed. He had dined on a bone, on which a little meat lingered, and a bit of nike mercurial pink that he had found on the kitchen table, and had seated himself on an overturned stone post, which took the place of a bench in his garden.Near this bench there rose, after the fashion unique soccer cleats in orchard-gardensl. nike mercurial victory LFQ
cheap soccer cleats
discounted soccer cleats
Buen articulo, si señor ...
Buen articulo, si señor ... Gracias por compartir conocimientos.
Bada05 - BadajozWireless
http://www.badajozwireless.es