| === Muhammad is now known as OERIAS | ||
| mapps | hi all | 05:18 |
|---|---|---|
| OERIAS | hey mapps | 07:42 |
| OERIAS | Anyone here has tried PA roms? | 07:42 |
| j0sh^ | Ey guys, any iptables gurus here? Trying to migrate a web server hosting and do redirects from old -> new using IPtables, while DNS propogates | 08:27 |
| MartijnVdS | j0sh^: you want DNAT | 08:31 |
| MartijnVdS | probably | 08:32 |
| j0sh^ | MartijnVdS: currently am using: | 08:32 |
| j0sh^ | iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination NEWSERVERIP | 08:32 |
| j0sh^ | iptables -t nat -A POSTROUTING -p tcp -d NEWSERVERIP --dport 443 -j MASQUERADE | 08:33 |
| j0sh^ | but on the new web server, it's logging the IP address of the OLD server for incoming requests | 08:33 |
| MartijnVdS | masquerade? I don't think that's necessary | 08:33 |
| j0sh^ | which is the http_x_forwarded_for address | 08:33 |
| MartijnVdS | yeah.. that's because you're doing this on the IP level | 08:34 |
| MartijnVdS | if you want a proper X-Forwarded-For, you'll have to set up your web server to do the reverse proxying work | 08:34 |
| j0sh^ | MartijnVdS: I thought thats what MASQUERADE was for. So it sends to new server as if from original client, not itself... | 08:34 |
| MartijnVdS | no, it can't | 08:35 |
| MartijnVdS | Routing and ARP don't work that way | 08:35 |
| MartijnVdS | (if it did, you could spoof being any IP as a client, by setting up a masquerade rule) | 08:35 |
| j0sh^ | Am following this btw: http://serverfault.com/questions/371833/changing-servers-redirect-to-new-ip-no-downtime | 08:36 |
| j0sh^ | :/ | 08:36 |
| j0sh^ | rather blindly may I add | 08:36 |
| MartijnVdS | that might work if they're both on the same network.. or it might not | 08:36 |
| j0sh^ | So there is no way to redirect all traffic from old web server to new web server ( while DNS propogates ) and keep the client IP? | 08:37 |
| === zmoylan-1i is now known as zmoylan-pi | ||
| brobostigon | morning boys and girls. | 09:07 |
| MartijnVdS | hi brobostigon | 09:07 |
| brobostigon | morning MartijnVdS | 09:07 |
| popey | http://www.3ders.org/articles/20140826-minnesotan-world-first-3d-printed-concrete-castle-in-his-own-backyard.html | 09:09 |
| popey | want ☻ | 09:09 |
| === Seeker`_ is now known as Seeker` | ||
| === Seeker` is now known as Guest97941 | ||
| === Guest97941 is now known as Seeker | ||
| === Lcawte|Away is now known as Lcawte | ||
| mapps | hi all | 12:26 |
| zmoylan-1i | greetings carbon based lifeforms :-) | 12:26 |
| mapps | :D | 12:33 |
| === zmoylan-1i is now known as zmoylan-pi | ||
| === dutchie_ is now known as dutchie | ||
| === Lcawte is now known as Lcawte|Away | ||
| === Lcawte|Away is now known as Lcawte | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!