A sandbox enviroment of a web app is reachable directly by an IP address: http:// without a login name.
Is there a way to make a virtual host in my local machine, named as
127.0.0.1
So when I load the url http:// the browser will point to my localhost? The way I can already redirect domain names.
Answer
Hosts file can only be used to associate a domain name with an IP; it cannot map IP to IP.
Altering IPs can be done by a firewall. On Linux, the default firewall is controlled by iptables commands. "man iptables" is the documentation. Google "explain iptables" for introductory explanations.
Some links:
http://linux.die.net/man/8/iptables
http://www.linuxnix.com/2009/12/iptables-in-linux-explained.html
http://blog.adityapatawari.com/2011/12/ip-packet-filtering-iptables-explained.html
Specifically, you want to change OUTGOING requests from your PC to an IP address (
Try this (in place of 123.45.67.89, put the ip_address that needs to be altered):
iptables -t nat -A OUTPUT -p all -d 123.45.67.89 -j DNAT --to-destination 127.0.0.1
Details:
-t nat = table for translating one address to another
-A OUTPUT = append to the list of rules for locally-generated, outgoing, packets. SECURITY WARNING: Make sure the rule includes this OUTPUT directive. If you don't, the rule would create a possible security hole, because matching Incoming packets from remote locations would also be directed to localhost.
-p all = apply to all protocols (tcp, udp, and icmp).
-d 123.45.67.89 = the original IP address that the packet was going to (its destination).
-j DNAT = if the rule matches (in this case, if an outgoing packet has destination IP 123.45.67.89), then handle it with DNAT, which alters the destination.
--to-destination 127.0.0.1 = tells DNAT what to do; replace the original destination with "127.0.0.1".
(NOTE: If you had a more complex situation, such as intercepting requests for specific web pages, an alternative solution might be to use "proxy" software.)
No comments:
Post a Comment