also sprach Pedro P Sacristan Sanz <psacrist@es.ibm.com> [2002.03.20.0847 +0100]: > If you don't want change anything at this time, may be you could use an > easy workaround if you are now using SSH in your firewall and web server: > if you use the "-L" option, you could start a SSH session from your > firewall to your web server and forward every incomming connection to port > 80 in the firewall to your web server... > > your_firewall#ssh -L 80:10.10.0.10:80 awebuser@10.10.0.10 > > You only will have to be sure that you allow TCP port 22 from your firewall > to your web server, and that your SSH configuration allows port forwarding > (well, and may be you shoul monitor you ssh tunnel: if it goes down, it > stops working). have a look at my package at [1] for the same functionality except for the encryption (you don't always need it, and unencrypted is way faster). it does provide bandwidth control as a nice goody on the side... 1. http://www.madduck.net/~madduck/debian/iprelay/ -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck "mirrors should reflect a little before throwing back images." -- jean cocteau
Attachment:
pgpyPNXYSo6gd.pgp
Description: PGP signature