debian - port and ip forwarding from local machine to googel.com -
i want see google main page when type virtual machine's ip address in browser. want type in windows browser 192.168.132.131:8080 , redirected google's main page (173.194.122.198:80). 192.168.132.131 ip address of debian virtual machine. how should open port 8080 , configure iptables? did tutorial suggested didn't wanted. http://www.debiantutorials.com/port-forwarding-with-iptables/ please ...
to see happens made tests debian-behind-a-linux instead of debian-behind-a-windows because have no windows. (i think) because i'm not in usa ip in example doesn't work me. used ip ping google.com
i can tell exemple in tutorial still works, , if try hand on windows telnet 192.168.132.131 8080
connect google, assuming made correctly (what giving rules iptables-save
? )
what doesn't work (anymore?) http request: http embeds ip address , sends google doesn't know url , redirect http 301 google without ip in url. alas http redirection kept port 8080. since your debian not routing this can't intercept flow , second http request won't seen @ all. syn_sent on windows host trying connect port 8080 of google server.
to overcome (i did) edit windows' hosts file , add lot of google names in front of 192.168.132.131 have second request going through debian vm. time google sends http 302 set cookie , gives new url without port 8080. if you're lucky you'll connection reset debian box because there's nothing port 80 there (using web client links on host). google can see have modern browser (firefox...) , give https redirection in http 302. next connection port 443 , encrypted...
the thing more or less worked using links (not firefox) directly on http://www.google.xx:8080/ xx being country code after changing hosts file (not using http://192.168.132.131:8080/ ). search page , search. using www.google.com (and not being in us) redirect www.google.xx , fail too.
solution: if it's http, use http tool, not tcp/ip tool: use proxy (squid, apache...).
if it's interception, can use redirection (with iptables) , transparent proxy settings on proxy remember if it's not seing traffic because it's not on router or somewhere uplink, things won't work correctly. luck https because web client complain man in middle attacks @ best.
Comments
Post a Comment