
Port Redirecting using xinetd.

 
Nico van Royen
Frequent Advisor


Hi all,

I am using xinetd to redirect incoming requests on port 80 from one of my IPs (on a Red Hat box) to a machine inside the intranet. So far so good. The other machine is a webserver from a customer running Apache. The problem is that the logging of the Apache server only sees the 1st machine as 'source-ip', meaning web-traffic statistics are incomplete as they only show the firewall machine. Is there any way (with xinetd or another way) to have the webserver machine see the REAL IP of the visitor?

The entry for xinetd used is:

service web
{
port = 80
bind = 212.26.219.29
socket_type = stream
protocol = tcp
user = root
redirect = 192.168.1.31 80
type = UNLISTED
wait = no
}

hardware setup:

machine 1 (internet connection):
eth0: 217.8.98.137 (internet)
eth1: 192.168.1.30 (internal)
eth2: 212.26.219.29 (internet, used for redirection)

machine 2 (just internal network)
eth0: 192.168.1.31

Thanks in advance...
-NvR
If all else fails, try reading the manual...
4 REPLIES
U.SivaKumar_2
Honored Contributor

Re: Port Redirecting using xinetd.

Hi,
It is not possible to see the real IP address of the visitor from the Apache logs, as xinetd acts as a proxy (in other words, port address translation or NAT overload).

Therefore the packets originating from the xinetd server will have the source IP of the xinetd server and the destination IP of the Apache server. Now the Apache server will send the content to the xinetd server. The xinetd server will take care of forwarding the content to the visitor (stateful port forwarding).

The only solution to overcome this is to use the xinetd logging option.


service web
{
port = 80
log_type = FILE /var/log/webaccess.log
log_on_success = PID HOST EXIT
bind = 212.26.219.29
socket_type = stream
protocol = tcp
user = root
redirect = 192.168.1.31 80
type = UNLISTED
wait = no
}

#touch /var/log/webaccess.log

Restart the xinetd daemon.

regards,
U.SivaKumar



Innovations are made when conventions are broken
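
A sketch of how the xinetd log from the reply above could be reduced to per-visitor connection counts, added here as an example and not posted by any participant in the thread. The START/EXIT line layout is an assumption about what `log_on_success = PID HOST EXIT` writes, and the sample lines are constructed; the figures are per TCP connection only, because xinetd never sees the HTTP requests inside them.

```python
import re
from collections import defaultdict

# Constructed sample of /var/log/webaccess.log; the START/EXIT layout is an
# assumption about xinetd's FILE log output with log_on_success = PID HOST EXIT.
SAMPLE_LOG = """\
03/6/12@10:15:01: START: web pid=4101 from=198.51.100.7
03/6/12@10:15:02: START: web pid=4102 from=::ffff:203.0.113.9
03/6/12@10:15:04: EXIT: web status=0 pid=4101 duration=3(sec)
03/6/12@10:15:09: START: web pid=4107 from=198.51.100.7
03/6/12@10:15:10: EXIT: web status=0 pid=4102 duration=8(sec)
03/6/12@10:15:11: EXIT: web status=0 pid=9999 duration=1(sec)
"""

START_RE = re.compile(r"START: (\S+) pid=(\d+) from=(\S+)")
EXIT_RE = re.compile(r"EXIT: (\S+) .*?pid=(\d+) duration=(\d+)\(sec\)")

def summarize(log_text, service="web"):
    """Return {client_ip: {"connections", "seconds", "open"}} for one service."""
    stats = defaultdict(lambda: {"connections": 0, "seconds": 0, "open": 0})
    pid_to_host = {}  # redirect processes that started but have not exited yet
    for line in log_text.splitlines():
        m = START_RE.search(line)
        if m and m.group(1) == service:
            host = m.group(3)
            if host.startswith("::ffff:"):  # IPv4-mapped form -> plain IPv4
                host = host[len("::ffff:"):]
            pid_to_host[m.group(2)] = host
            stats[host]["connections"] += 1
            stats[host]["open"] += 1
            continue
        m = EXIT_RE.search(line)
        if m and m.group(1) == service:
            # EXIT lines carry no address; the pid links them to their START.
            host = pid_to_host.pop(m.group(2), None)
            if host is None:
                continue  # matching START is not in this file (e.g. rotated away)
            stats[host]["seconds"] += int(m.group(3))
            stats[host]["open"] -= 1
    return dict(stats)

if __name__ == "__main__":
    for host, s in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{host:15} conns={s['connections']} secs={s['seconds']} open={s['open']}")
```
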
Nico van Royen
Frequent Advisor

Re: Port Redirecting using xinetd.

This will log all visitors that browse pages on the webserver but as web-stats it can't be used. I guess we have to live with it.
Thanks anyway for the reaction.

- NvR
If all else fails, try reading the manual...
Bill Thorsteinson
Honored Contributor

Re: Port Redirecting using xinetd.

Look at putting Apache on the machine you are forwarding from and using its proxy services to the machine on the intranet.

Mark Bainter
Advisor

Re: Port Redirecting using xinetd.

I agree with using Apache to proxy being an option, but unless you have a need to run Apache locally (which it doesn't sound like you do) I'd suggest setting up Squid to handle this for you.