> On Sat, 3 May 1997, MegaZone wrote:
>
> > (snip)
> > Can't do it. You'd have to spoof the server IP with a proxy server.
> > And unless they are already configured to use a proxy there is no
> > transparent way to do it.
Would it be possible to at least via radius or otherwise, dynamically
force all routes for a ptp port through to a single host?
> You actually COULD do it. What youd need is a PC running linux or
> something like IPRoute (a firewall/single ip routing program). Youd have
> to route all the traffic thru the pm 3 TO this box. Then youd have to run
> a MODIFIED version of the routing daemon, like gated for example, on the
> linux box to intercept any packets with an httpd destination port on them,
> alter its actual CONTENTS to reflect the ip address of the web server you
> want them to see, then ship it out...
Sounds good. I'd also much rather have the "normal" users function as
normal (i.e. user's computer<-->PM3<-->Gateway), and only insert the
intercepting box for a particular user if and when needed (See my above
question).
> Dave Mischler wrote a program called IPRoute which runs on a PC which
> could be used as BASE code to write such a beast, although its primary
> function is to allow multiple machines on a local net use 1 ip address for
> the internet by maintaining an internal translation table (NAT), or the
> newer GNAT.
>
> Neither method would require that you run the workstation in proxy mode as
> you are physically intercepting the packets.
To paraphrase, a firewall tuned to trap/redirect packets.
> I think this is actually a good idea and worth looking into to market. Ill
> see what I can come up with over the next month or so on the linux side.
> This would be called soemthing like NAT rerouting or NAT destination
> manipulation?
If you decide to go GNU on this and need help, I'd be glad to.
Thanks for the input.
Leonard.