Run a web server inside LAN
Sponsored Links
Run a web server inside LAN Ranking & Summary
File size:
MB
Platform:
Any Platform
License:
GPL (GNU General Public License)
Price:
Downloads:
1006
Date added:
2007-02-14
Publisher:
uyema.net
Run a web server inside LAN description
Run a web server inside LAN is a simple script to run a WWW server inside a Local Area Network. Run a web server inside LAN script assume all iptables features are compiled statically in the kernel, or all modules are loaded.
Otherwise you may encounter some surprises trying to utilize the more featureful and creative commandlines that Ive come up with.
Sample:
#external and internal interfaces
EXT=eth0
INT=eth1
# clear everything, and create my cascading chains
iptables -F
iptables -N e0
iptables -N tcpin
iptables -N udpin
# e0 is the name of our chain for eth0
iptables -I INPUT -i $EXT -j e0
# OUTPUT Chain
iptables -A OUTPUT -o $EXT -j DROP -p icmp --icmp-type ! echo-request
# remote gnutella queries were really pissing me off one day
# iptables -A OUTPUT -o $EXT -j DROP -p tcp ! --syn --dport 6346
# iptables -A OUTPUT -o $EXT -j DROP -p tcp ! --syn --sport 6346
# $EXT Chain
# a single rule to accept SYN Packets for multiple ports (up to 15)
iptables -A tcpin -j ACCEPT -p tcp --syn -m multiport --destination-ports 873,993,995,143,80,113,21,22,23,25,53
# stateful connection tracking is wonderful stuff
# ESTABLISHED tcp connections are let through
# If we send a SYN out, the ACK is seen as RELATED
# then further communication is accepted by the ESTABLISHED rule
iptables -A e0 -j ACCEPT -m state --state ESTABLISHED
iptables -A e0 -j ACCEPT -m state --state RELATED
# certain ports I simply DROP
iptables -A tcpin -j DROP -p tcp --syn -m multiport --destination-ports 6346,139
# UDP rules...
iptables -A udpin -j DROP -p udp -m multiport --destination-ports 137,27960
# I run a DNS server, so we must accept UDP packets on port 53
iptables -A udpin -j ACCEPT -p udp -m state --state NEW --destination-port 53
# lets log NEW udp packets on ports 1024:65535, then let them through
iptables -A udpin -j LOG -p udp -m state --state NEW --destination-port 1024:65535 --log-level debug --log-prefix UDPNEW --log-ip-options
iptables -A udpin -j ACCEPT -p udp -m state --state NEW --destination-port 1024:65535
# lets log NEW tcp packets on ports 1024:65535, then let them through
iptables -A tcpin -j LOG -p tcp --syn --destination-port 1024:65535 --log-level debug --log-prefix TCPNEW --log-tcp-options --log-ip-options
iptables -A tcpin -j ACCEPT -p tcp --syn --destination-port 1024:65535
# lets log INVALID or NEW tcp packets on priveleged ports, then DROP
# (remember I have certain ACCEPT rules higher up the chain)
iptables -A tcpin -j LOG -p tcp -m state --state INVALID,NEW --destination-port 1:1023 --log-level warn --log-prefix TCPPRIV --log-tcp-options --log-ip-options
iptables -A tcpin -j DROP -p tcp -m state --state INVALID,NEW --destination-port 1:1023
iptables -A e0 -p tcp -j tcpin
iptables -A e0 -p udp -j udpin
iptables -A e0 -j LOG --log-level debug --log-prefix NETFILTER --log-ip-options -m state --state INVALID,NEW
iptables -A e0 -j DROP
# NAT Rules
# I run a web server inside...
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 80 -j DNAT --to-destination 192.168.1.4:80
Otherwise you may encounter some surprises trying to utilize the more featureful and creative commandlines that Ive come up with.
Sample:
#external and internal interfaces
EXT=eth0
INT=eth1
# clear everything, and create my cascading chains
iptables -F
iptables -N e0
iptables -N tcpin
iptables -N udpin
# e0 is the name of our chain for eth0
iptables -I INPUT -i $EXT -j e0
# OUTPUT Chain
iptables -A OUTPUT -o $EXT -j DROP -p icmp --icmp-type ! echo-request
# remote gnutella queries were really pissing me off one day
# iptables -A OUTPUT -o $EXT -j DROP -p tcp ! --syn --dport 6346
# iptables -A OUTPUT -o $EXT -j DROP -p tcp ! --syn --sport 6346
# $EXT Chain
# a single rule to accept SYN Packets for multiple ports (up to 15)
iptables -A tcpin -j ACCEPT -p tcp --syn -m multiport --destination-ports 873,993,995,143,80,113,21,22,23,25,53
# stateful connection tracking is wonderful stuff
# ESTABLISHED tcp connections are let through
# If we send a SYN out, the ACK is seen as RELATED
# then further communication is accepted by the ESTABLISHED rule
iptables -A e0 -j ACCEPT -m state --state ESTABLISHED
iptables -A e0 -j ACCEPT -m state --state RELATED
# certain ports I simply DROP
iptables -A tcpin -j DROP -p tcp --syn -m multiport --destination-ports 6346,139
# UDP rules...
iptables -A udpin -j DROP -p udp -m multiport --destination-ports 137,27960
# I run a DNS server, so we must accept UDP packets on port 53
iptables -A udpin -j ACCEPT -p udp -m state --state NEW --destination-port 53
# lets log NEW udp packets on ports 1024:65535, then let them through
iptables -A udpin -j LOG -p udp -m state --state NEW --destination-port 1024:65535 --log-level debug --log-prefix UDPNEW --log-ip-options
iptables -A udpin -j ACCEPT -p udp -m state --state NEW --destination-port 1024:65535
# lets log NEW tcp packets on ports 1024:65535, then let them through
iptables -A tcpin -j LOG -p tcp --syn --destination-port 1024:65535 --log-level debug --log-prefix TCPNEW --log-tcp-options --log-ip-options
iptables -A tcpin -j ACCEPT -p tcp --syn --destination-port 1024:65535
# lets log INVALID or NEW tcp packets on priveleged ports, then DROP
# (remember I have certain ACCEPT rules higher up the chain)
iptables -A tcpin -j LOG -p tcp -m state --state INVALID,NEW --destination-port 1:1023 --log-level warn --log-prefix TCPPRIV --log-tcp-options --log-ip-options
iptables -A tcpin -j DROP -p tcp -m state --state INVALID,NEW --destination-port 1:1023
iptables -A e0 -p tcp -j tcpin
iptables -A e0 -p udp -j udpin
iptables -A e0 -j LOG --log-level debug --log-prefix NETFILTER --log-ip-options -m state --state INVALID,NEW
iptables -A e0 -j DROP
# NAT Rules
# I run a web server inside...
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 80 -j DNAT --to-destination 192.168.1.4:80
Run a web server inside LAN Screenshot
Advertisements
Run a web server inside LAN Keywords
LAN
DROP
NEW
ACCEPT
EXT
INVALID
web server
WWW server
To run
simple script
local area
area network
Iptables
-J
server
inside
Bookmark Run a web server inside LAN
Run a web server inside LAN Copyright
WareSeeker periodically updates pricing and software information of Run a web server inside LAN full version from the publisher, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of Run a web server inside LAN Edition. Download links are directly from our publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
Featured Software
Want to place your software product here?
Please contact us for consideration.
Contact WareSeeker.com
Related Information
web server monitoring
apache web server
web server extensions
web servers
local area network
web server setup
web server is down
what is a web server
personal web server
web server software
http web server
embedded web server
web server hosting
web server down
what is web server
abyss web server
web server vs application server
iis web server
Related Software
High performance Scalable Web Server, Supporting 1000s of Virtual Servers,with Built in interfaces for Servlets,JSP, ISAPI & CGI.Includes Remote Server Management,Log Analysis Tool & Real Time Server Free Download
Abyss Web Server X1 is a free and compact Web server. It supports SSL, compression, CGI/FastCGI, ISAPI, XSSI, URL rewriting,bandwidth throttling, anti-leeching, anti-hacking, and features a remote web management interface. Free Download
X personal web server is a personal Web server that sits in your desktop notification area (as a tray icon). Free Download
Sws Web Server is a fast, secure, and simple Web server. Free Download
GNOME Personal Web Server is a user friendly web server with GUI included in GNOME-Network. Free Download
Cheyenne Secure Web Server (SWS) is a comprehensive enterprise solution for Apache server. Free Download
POW - Plain Old Webserver is a Firefox extension that adds a server to your browser. Free Download
Web Sharing is a small tray applet for sharing files on the web. Free Download
Latest Software
Popular Software
Favourite Software
