HPE Community
Operating System - Linux
1828225 Members
2558 Online
109975 Solutions
New Discussion

Re: synchronising tally data through linux

 
kcpant
Trusted Contributor

‎10-05-2004 06:40 PM

‎10-05-2004 06:40 PM

synchronising tally data through linux

Hi all,

a new question : anybody have any idea how to sync tally data through linux firewall?

I have only one public IP, which I've used in my linux proxy/mail server. a tally server is there in my organisation, which is on private IP. people from branches of organisation sync their tally data with this server in order to keep updated data.They were able to do that before, because organisation was using MS ISA server as firewall/proxy. Now, it is migrated to redhat :squid. Now, can you suggest me the way I can make an iptables chain to route the tally sync data to and fro from my Tally server? a tally expert told me that tally data moves on port 9000 of http.I know it can be done by SNAT & DNAT combination, but need some guidence from you all.

thanks..
PreSales Specialist
0 Kudos
5 REPLIES 5
Steven E. Protter
Exalted Contributor

‎10-05-2004 07:05 PM

‎10-05-2004 07:05 PM

Re: synchronising tally data through linux

If ALL traffic on port 9000 is tally data traffic,you can do it with port forwarding on iptables.

There are several good examples in my vpn thread here.

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=624078

Just need to change th port number.

SNAT/DNAT basically lets one public ip address service an entire external network. This lets inside users access the Internet. It also might be required for this tally data server.

Example:
http://bec.at/support/iptables-tutorial/

My search in case it doesn't work.

http://www.google.com/search?hl=en&q=iptables+snat&btnG=Google+Search

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
kcpant
Trusted Contributor

‎10-05-2004 08:04 PM

‎10-05-2004 08:04 PM

Re: synchronising tally data through linux

hi steven,

thanks again for this suggestion. I'm wondering nobody else than you is responding to the queries I'm putting in this forum.anyways....


I have learnt a lot from the thread link ( vpn link you 've posted in past) you sent. Please let me know in future any other related thread.

i'll implement forwarding/SNAT/DNAT tomorrow, and let you know the results.

thanks...
PreSales Specialist
0 Kudos
Johannes Krackowizer_1
Valued Contributor

‎10-06-2004 06:11 PM

‎10-06-2004 06:11 PM

Re: synchronising tally data through linux

hi,

for simply doing nat, try this iptables line:

iptables -t nat -A PREROUTING -p tcp --dport 9000 -i eth1 -j DNAT --to 192.168.100.100

-i defines the network device that is connnected to the internet

--to the ip address of your tally server

this simple line takes all ip packets, that try to connect over TCP to port 9000 from internet (eth1), and forward them to an local ip (e.g. 192.168.100.100).

the client on the internet will think he is talking to your firewall.

johannes
"First off, I'd suggest printing out a copy of the GNU coding standards, and NOT read it. Burn them, it's a great symbolic gesture." (Linus Torvalds)
0 Kudos
kcpant
Trusted Contributor

‎10-10-2004 10:48 PM

‎10-10-2004 10:48 PM

Re: synchronising tally data through linux

Hi steven,

your vpn thread helped me a lot to do the things working. I've used forward rules, SNAT & DNAT rules to get it.now it is working fine.

Now I've a new question, I should start a new thread for it, but it's a chain of solutions on the same project , so I'm putting it here.

My domain's name is not same as the domain used for mailing. let's say, the actual name of my domain is potato.net , but we use tomato.net domain name for mailing. we have purchsed some mail accounts for this virtual domain from an ISP. so, that ISP handeles mails for this tomato.net domain.I use fetchmail to retrive mails from my ISP for my users and put them in their mailboxes on local accounts. users use pop clients ( mainly outlook) for getting mails on their machines.I use ISP's SMTP server as a SMART HOST in my sendmail configuration to relay all mails through it.

Now, I want to use the virtual domain name for transefering mails localy. means, if a user have an actual ID user@potato.net, the ID should look as user@tomato.net and mails should not be relayed to ISP, but should be handled by my sendmail server locally, thus making mail delivery faster for inside users.I have used virtual domain concept in my local DNS server, and mails now , if sent to user@tomato.net, are handeled locally. but, the problem is, all users of tomato.net are not local, some are outside the local network. so, if I send mails to users not local, my sendmail SMTP gives error " user unknown".that is obvious bacause that is not a local user.

So, scenario is, how can I make a mail configuration, which can handle mails for internal users on virtual domain locally, and at the same time, relay the mails addressed to the users on virtual domain which are not local to the ISP?.. I need it to be working, because relaying all mails through ISP delays mail delivery, which is practically not good.moreover, when this client was using MS based solution, they were able to do this kind of thing.
PreSales Specialist
0 Kudos
kcpant
Trusted Contributor

‎02-24-2005 10:11 PM

‎02-24-2005 10:11 PM

Re: synchronising tally data through linux

closing thread
PreSales Specialist
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.