[nos-bbs] HTTP server restriction maybe

(Skip) K8RRA k8rra at ameritech.net
Tue Apr 17 14:18:05 EDT 2007 

On Tue, 2007-04-17 at 12:08 -0500, Barry Siegfried wrote:

> ["(Skip) K8RRA" <k8rra at ameritech.net> wrote]:
> 
> > Try this model:
> > Site A (me):
> >    Host A1 / Linux: static 192.168.1.32 IP + jnos 44.102.132.20
> >    LAN to Internet bridge appliance: LAN IP 192.168.1.254 + WAN IP 24...
> > dynamic
> >    Host A2 / any O/S: dynamic LAN IP 192...
> 
> And don't you also have a 44-net IP address on the Linux side of
> the TUN device to JNOS?

Oh no - the host stack only has a route to 44... network - there is no
44 IP on the host.

> <<SNIP>>- the primary issue is that the FROM IP is NOT 44....
> 
> Well it should be.  Why isn't it?

No - it should not be - network rules are being accurately followed
here.
The only way to get to 44... as a FROM IP (without re-writing jnos to
share the host stack) is thru NAT as far as I know.


> 
> > As a parting thought Barry:
> >
> > Remember this conversation is pointed at defining a *representative*
> > set of configuration examples for documentation on the wiki.  It is
> > my desire that the wiki example might be used like a cut-and-paste
> > to create new config files while changing a site.
> 
> Skip, I'm sorry to tell you that cutting and pasting other people's
> configs are EXACTLY what gets most newbies into trouble and getting
> other people involved anyway "to straighten out the mess".  You are
> not the first person to try and do this with an "automated installation"
> of one sort or another.  All very noble goals to get more people
> "interested".  But it doesn't change the fact that every config is
> unique and there is just no way around that.
> 
> Honestly, I think you are spinning your wheels with this idea of
> creating a "one config fits all" scenario.

Oh no no - not one but *maybe* a dozen...?
My life has demonstrated many times that learning from example is quite
effective.
Please don't confuse "not thinking for one's self" with "cut-and-paste"
- and I'll leave automation to developers.
I'm headed for enough examples that learning what is "right for me" can
be done from comparison with what has been "right for several others".
That is why I ask you for examples of what has worked in the past...

>   There are infinite
> possibilities within infinite choices.

Oh come on - only if you include minutia like specific IP numbers do the
options count become truly large.
The sad part in this is that manufacturer and model of equipment does
effect the options available to the user (as in LinkSys Router & Bridge
appliance).

Yup - havin fun.

73
de [George (Skip) VerDuin] K8RRA k
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tapr.org/pipermail/nos-bbs_lists.tapr.org/attachments/20070417/49b44287/attachment.html>

More information about the nos-bbs mailing list