Redirecting traffic on SunOne 6.1 SP4
hi all,
i've got a web server running SunOne 6.1 SP4, and im trying to figure how to redirect traffic from 2 different locations.
the web server is accessed both thru the LAN and the Internet. how is it possible to re-direct traffic coming from an internal UP to another interanl IP and traffic from an external IP to an external IP.....?
currently im using the following in my obj.conf file. but this is re-directing all traffic to one location.
<Client security="false">
NameTrans fn="redirect" from="/" url-prefix="http://x.x.x.x/"
</Client>
how can i configure this to re-direct traffic coming from the LAN (these come from a 10.1.x.x segment) to another internal IP and traffic coming from the web to another external IP...?
any help on the matter would be highly appreciated.
thanks and regards,
To Documentation team,
Here is what to do :
update in http://docs.sun.com/app/docs/doc/820-1643/6nda4qg75?l=en&a=view#abvau
Old Text :
<Client ip="~192.85.250.*">AddLog fn="flex-log" name="access"</Client>
New Text :
<Client ip="\*~192.85.250.\*">
AddLog fn="flex-log" name="access"
</Client>
Note that a * (asterisk) is required before ~ (tilda) and make these 3 separate lines.
Similar Messages
-
Redirect traffic destined for an IP on Server 1 to go to Server 2 at DR Site?
DNS is what I'm using for most of my subnets. The problem is that I have a handful of subnets that have devices that are under the control of an outside agency. Those devices access a server in my DC by pointing to the IP Address.
If I performed a failover test to Server 2 at a DR Site, how can I redirect traffic from those subnets to Server 2 if they are still pointing at the IP on Server 1? In the DC, a 6509 sits between Server 1 and the subnets in question. To get to Server 2 at the DR site, I have an FWSM in the DC and an ASA5585 at the DR site.If your route point is a router or L3 switch then you could configure a route-map with an ACL that is used to change the next hop ip for the servers in the DC to the DRC. This will be a lot of manual configuration and testing but it maybe a viable solution.
Sent from Cisco Technical Support iPad App -
How to do a PortForward/Port Proxy? Redirecting traffic from port 8080 to 80 on the SAME machine
We have a CFTV system running on Win2008R2 that listens on 4 sequential port numbers and the last port is the Web Browser Port number for management and viwing cameras
When we configure the port 8077 on the software, it opens 8077, 8078, 8079 and 8080 and works with no problem
But...
When we try to configure ports 77 (and therefore 77, 78, 79 and 80) thw applications hangs and seems like not be possible to configure to use port 80
I could confirm that, using NETSTAT and the main CFTV application open all required ports with no problem, but only works on ports with a different number from "80", wich is what i want, to make users more confortable, avoiding to type ":PORT_NUMBER"
after the URL, it will be more "ellegant" solution to use default port 80 for user´s connections
The question is: How to do a PortForward/Port Proxy? Redirecting traffic from port 8080 to 80 on the SAME machine?
May i Use NETSH? (based on Help, it can be used to do this, but on different machines, not the same one)
There is a RELIABLE application, running as a service, that can do the port forward/redirect?Hi,
I’m sorry to tell you that we can’t redirect traffic from a port to another port on the same server itself. But we can do it with a router which is configured to portfoward.
By the way, according to your description, another program may use the port 80. Is there an IIS installed on the server? If it is necessary, you can consult your CFTV system vendor.
Hope this helps.
Steven Lee
TechNet Community Support -
Using OHS to redirect traffic based on intranet or internet URL
Hello,
we have a requirement where we have to launch our application on internet. Application is working fine on local intranet URL or internet URL but not working on both at same time.we have application developed with ADF and other fusion components.
This is the topology we are using here :-
SPS(secured proxy server to configure internet URL) --> OHS -> Managed server(1,2,3,4)
We have to setup a URL redirect rule at OHS level where
---> if the incoming traffic is from intranet URL application work based on intranet URL's BUT
-->if the traffic is coming from internet URL, OHS internally take care of URL redirect and work for external users too..
Summery is, application should work for both internet and intranet URL, but pls note both the URL are different
like
intranet- https:\\abcd.intranet.xxx.com\abs\login
internet - https:\\abcd.xxx.com\abs\login
could someone pls help me on this and provide your valuable suggestion on how we can achieve this at OHS level...Thanks AMN,
I was able to successfully get the redirect to work with the following Javascript code.
In the folder: C:\OracleBI\oc4j_bi\j2ee\home\default-web-app
I created the following OBIEE.html file
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html lang="en,us">
<HEAD>
<TITLE>Test OBIEE Redirect Page<TITLE>
</HEAD>
<BODY>
<script type="text/javascript">
var agent = (navigator.userAgent).toLowerCase();
var weburl = './analytics/';
var moburl = './analyticsMobile/';
var reg_exp = /(ipod|iphone|android|opera mini|blackberry|palm os|palm|hiptop|avantgo|plucker|xiino|blazer|elaine|windows ce; ppc;|windows ce; smartphone;|windows ce; iemobile|up.browser|up.link|mmp|symbian|smartphone|midp|wap|vodafone|o2|pocket|kindle|mobile|pda|psp|treo)/;
if( reg_exp.test(agent) ) {
window.location = moburl;
else {
window.location = weburl;
</script>
</BODY></HTML>
The javascript gets the USER agent and does a regular expression match to see if its any popular handheld device. If so, it redirects them to the mobile address. Otherwise the user is directed to the standard site.
All I need to do is pass around the URL:
http://localhost:9704/OBIEE.html
And users will be dynamically sent to the correct location.
Thanks!
-Joe -
Redirecting traffic based on source address on CSS11503
Hi all,
I need to redirect HTTP traffic originating from a specific range of IPs to a specific farm of HTTP servers. More specifically, I need request comming to CSS's outside VIP address on port 80/tcp to be redirected to the HTTP farm (2 boxes with RFC1918 addresses) on port 30084/tcp.
The trick is that this rule should only apply for a certain range of source IP addresses. The rest should be content switched normally. I.e. 80/tcp -> 80/tcp, etc.
Is this possible with ACL or somthing similar?
I'm running WebNS 7.20 on a CSS11503.
Thanks,
haveryou could create a 2nd VIP like x.x.x.x:81 and
a service like
service redirect
domain x.x.x.x:81
type redirect
keepalive type none
Under the Vip x.x.x.x:81, you configure the 2 services with private ip addresses and port 30084.
Then you create an ACL
acl 10
clause 10 permit tcp destination content prefer redirect
clause 99 permit any any destination any
apply circuit-VLAN...
Don't forget you will need an ACL permit any any on all other interfaces to avoid blocking the rest of the traffic.
What this will do is tell the browser to close the current connection to vip:80 and reopen a new one to vip:81 and this will be loadbalanced to the private servers.
Gilles. -
Using WL8.1 to redirect traffic without caching
Hello All,
First off, I'm no web developer or Weblogic Guru, but was hoping someone might have some insight.
I have a https load balanced application (PeopleSoft) in which I'm going to put a maintenance page before the application. If the load balancer sees the http maintenance page up (health checks), it will direct traffic to the maintenance page web server IP, instead. I will also have an emergency page that if both the maintenance page and application webservers are down, traffic will be redirected there.
As the application stands today, the user hits the load balancer which redirects to the welcome page (currently index.html), which in turn redirects to the http<b>s</b> application URL on the same server (probably not the cleanest way to do this) via a HTTP refresh.
The load balancer and only redirect to a port and IP, not a URL. The maintenance page, application, and emergency page will all sit on separate WL 8.1 webservers.
Here is the issue: when the maintenance page is brought up and traffic is directed by the load balancer to that web server, if the Internet Explorer temporary Internet files are not purged, the default page (a web page with some system down info) is not displayed to the user. Instead, the browser attempts to use the cached refresh to the application's login page, which of course doesn't exist on the maintenance page's webserver.
I have tried to use variations on the following HTTP, but it doesn't appear to prevent caching of the refresh.
<HTML>
<HEAD>
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">
<TITLE>EMDMO Redirect Page</TITLE>
</HEAD>
<BODY>
<META HTTP-EQUIV="Refresh" CONTENT="0;URL=http://63.240.173.221/emdmo/signon.html">
</BODY>
</HTML>
I have also tried to set the welcome page in web.xml to the respective pages on each server, but apparently there's some caching involved there as well.
Does anyone have any recommendations as to how to handle this? I assume that Weblogic can be used to handle a redirect to a specific application or other page.
Any input is appreciated!
AveryIf your route point is a router or L3 switch then you could configure a route-map with an ACL that is used to change the next hop ip for the servers in the DC to the DRC. This will be a lot of manual configuration and testing but it maybe a viable solution.
Sent from Cisco Technical Support iPad App -
WLC - Redirect Traffic to Web Proxy
Hi,
We need to create Guest WLAN on WLC 5508 which will be used for internet access only.
My questions are:
1. Is it possible to use our external web proxy server to authenticate users?
2. Can we also forward all traffic to the external web proxy to filter the websites that can be accessed (without configuring it on the browser)?
3. Can this be achieved using the L3 webauth?
Our topology:
WLC -- Switch -- ASA Firewall -- Internet -- External Web Proxy
We are using WLC as DHCP server for Guest WLAN with ASA Firewall as the gateway.
Any inputs and ideas are appreciated.
Many thanks.Otiynomed,
I have come across this problem recently as well and ended up using an Internal DHCP server with Option 252 configured which will point Users towards our proxy for authentication. Unfortunately it isn't a perfect setup as the following issues occurred:
If using Option 252, make sure the wpad file has an internal re-direction for the virtual interface of your anchor controller to allow web-auth redirection otherwise devices will try to get to that address externally
Some devices don't support Option 252
You have to set the devices to 'auto proxy discover' whether Windows or Apple
If using devices running less than iOS 6 then embedding authentication in the proxy settings upon initial connection will still end up with users being prompted for HTTPS authentication constantly. HTTP traffic will work fine however.
Android devices don't like Option 252 and most of the applications don't work with authentication via a proxy except browsing
Alternatively, use web-auth but link it to an LDAP server or RADIUS server for authentication and use a transparent proxy. Problem solved -
WCCP and 7600 - not redirecting traffic
I have a Blue Coat SG 210 connected to a 7600(SUP720). All web traffic is passing thru the 7600, WCCP config between the SG and 7600 are working. However traffic isn;t being redirected to Blue Coat..any idea why?
ip wccp 0 redirect-list BLUE-COAT group-list 90
Extended IP access list BLUE-COAT
1 permit tcp host 10.160.161.125 any eq www
2 permit tcp host 10.160.161.125 any eq 443
10 permit tcp host 10.160.161.199 any eq www
20 permit tcp host 10.160.161.199 any eq 443
Standard IP access list 90
8 permit 10.148.131.42 (2217 matches)
interface GigabitEthernet5/1
ip address 10.148.130.13 255.255.255.252
ip wccp 0 redirect in (I have tried both in/out)
ip pim sparse-dense-mode
ip route-cache flow
ip ospf network point-to-point
sh ip wccp
Global WCCP information:
Router information:
Router Identifier: 10.148.135.253
Protocol Version: 2.0
Service Identifier: 0
Number of Cache Engines: 1
Number of routers: 1
Total Packets Redirected: 0
Redirect access-list: BLUE-COAT
Total Packets Denied Redirect: 0
Total Packets Unassigned: 0
Group access-list: 90
Total Messages Denied to Group: 0
Total Authentication failures: 0
sh ip wccp 0 detail
WCCP Cache-Engine information:
Web Cache ID: 10.148.131.42
Protocol Version: 2.0
State: Usable
Redirection: GRE
Packet Return: GRE
Packets Redirected: 0
Connect Time: 05:52:10
Assignment: MASK
Mask SrcAddr DstAddr SrcPort DstPort
0000: 0x0000003F 0x00000000 0x0000 0x0000
Value SrcAddr DstAddr SrcPort DstPort CE-IP
0000: 0x00000000 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0001: 0x00000001 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0002: 0x00000002 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0003: 0x00000003 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0004: 0x00000004 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0005: 0x00000005 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0006: 0x00000006 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0007: 0x00000007 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0008: 0x00000008 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0009: 0x00000009 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0010: 0x0000000A 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0011: 0x0000000B 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0012: 0x0000000C 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0013: 0x0000000D 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0014: 0x0000000E 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0015: 0x0000000F 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0016: 0x00000010 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0017: 0x00000011 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0018: 0x00000012 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0019: 0x00000013 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0020: 0x00000014 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0021: 0x00000015 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0022: 0x00000016 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0023: 0x00000017 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0024: 0x00000018 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0025: 0x00000019 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0026: 0x0000001A 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0027: 0x0000001B 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0028: 0x0000001C 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0029: 0x0000001D 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0030: 0x0000001E 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0031: 0x0000001F 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0032: 0x00000020 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0033: 0x00000021 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0034: 0x00000022 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0035: 0x00000023 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0036: 0x00000024 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0037: 0x00000025 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0038: 0x00000026 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0039: 0x00000027 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0040: 0x00000028 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0041: 0x00000029 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0042: 0x0000002A 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0043: 0x0000002B 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0044: 0x0000002C 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0045: 0x0000002D 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0046: 0x0000002E 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0047: 0x0000002F 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0048: 0x00000030 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0049: 0x00000031 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0050: 0x00000032 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0051: 0x00000033 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0052: 0x00000034 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0053: 0x00000035 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0054: 0x00000036 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0055: 0x00000037 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0056: 0x00000038 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0057: 0x00000039 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0058: 0x0000003A 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0059: 0x0000003B 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0060: 0x0000003C 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0061: 0x0000003D 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0062: 0x0000003E 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)
0063: 0x0000003F 0x00000000 0x0000 0x0000 0x0A94832A (10.148.131.42)Ilir,
How is this second group of users connected to the ASA? Their outbound traffic has to be going out the "inside" interface also. If they are on another port on the ASA, WCCP won't catch their traffic. i.e. You can't use the DMZ interface on an ASA and point its web traffic at a WSA that lives inside.
Ken -
Service Insertion/Service Graphs & Policy based traffic redirection
Hi,
My question is to use policy based service insertion/service graphs between the EPGs communications to redirect traffic to ASA firewall & F5 slb.
Below are Cisco ACI components:
1- Spines & Leafs
2- APIC Controllers
3- Cisco ASA Firewall attached to the APIC via device package
4- F5 SLB attached to the APIC via device package
I have the below scenario for the communication between the EPGs e.g:
WEB-EPG (consumer)
APP EPG (provider) (consumer for DB)
DB (provider)
I want to use contract that includes filter on port 80 to permit and action for service insertion to provide SLB (F5) service between the WEB & APP communications.
I want to use contract that includes filter on port any* to permit and action for service insertion to provide firewall (ASA) service between the APP & DB communications.
Can I do policy based "traffic redirection" through service graphs in the contract's service insertion?
Is it supported in version 1.0(3i)?
I believe, NSH (Network services header) will add in the VXLAN header before reaching the dest VNID and redirect the traffic to the clusters of the services node i.e. SLB or FW, Then traffic will reach the destination address after striping all services.
Regards,
AnserHello Muhammad,
traffic redirection is not supported on 1.0(3i) , while NSH is still submitted to IETF as a draft from industry vendors , I think try to avoid waiting for it.
Regards
Mohammed ElSherbiny -
ISE & Switch URL redirect not working
Dear team,
I'm setting up Guest portal for Wired user. Everything seems to be okay, the PC is get MAB authz success, ISE push URL redirect to switch. The only problem is when I open browser, it is not redirected.
Here is some output from my 3560C:
Cisco IOS Software, C3560C Software (C3560c405-UNIVERSALK9-M), Version 12.2(55)EX3
SW3560C-LAB#sh auth sess int f0/3
Interface: FastEthernet0/3
MAC Address: f0de.f180.13b8
IP Address: 10.0.93.202
User-Name: F0-DE-F1-80-13-B8
Status: Authz Success
Domain: DATA
Security Policy: Should Secure
Security Status: Unsecure
Oper host mode: multi-domain
Oper control dir: both
Authorized By: Authentication Server
Vlan Group: N/A
URL Redirect ACL: redirect
URL Redirect: https://BYODISE.byod.com:8443/guestportal/gateway?sessionId=0A005DF40000000D0010E23A&action=cwa
Session timeout: N/A
Idle timeout: N/A
Common Session ID: 0A005DF40000000D0010E23A
Acct Session ID: 0x00000011
Handle: 0xD700000D
Runnable methods list:
Method State
mab Authc Success
SW3560C-LAB#sh epm sess summary
EPM Session Information
Total sessions seen so far : 10
Total active sessions : 1
Interface IP Address MAC Address Audit Session Id:
FastEthernet0/3 10.0.93.202 f0de.f180.13b8 0A005DF40000000D0010E23A
Could you please help to explore the problem? Thank you very much.With switch IOS version later than 15.0 the default interface ACL is not required. For url redirection the dACL is not required as this ACL is part of traffic restrict for "guest" users.
In my experiece some users can not get the redirect correctly because anti-spoof ACL on management Vlan or stateful firewall blocks the TCP syn ack.
It is rare in campus network access layer switches have user SVI configured so the redirect traffic has to be sent from the netman SVI, but trickly the TCP SYN ACK from the HTTP server will be sent back from the netman Vlan without source IP changed. (The switch is spoofing the source IP in my understanding with changing only the MAC address of the packet). In most of the cases there should be a basic ACL resides on the netman SVI on the first hop router, where the TCP SYN ACK may be dropped by the ACL.
tips:
1. "debug epm redirect" can make sure your traffic matches the redirect url and will get intercepted by the switch
2. It will be an ACL or firewall issue if you can see epm is redirecting your http request but can not see the SYN ACK from the requested server.
Which can win the race: increasing bandwidth with new technologies VS QoS? -
Hi, when you redirect traffic to the CWS service for scanning, do you redirect the real traffic this way or is it a mirrored copy of the traffic ?
If all traffic is redirected to the Cloud, where are the Cisco datacenters located. Good to know I guess, since you don't want to avoid to much of latency
/JanToddy, see [http://news.cnet.com/8301-30685_3-20004620-264.html?tag=mncol;txt]
-
HTTP Redirect not working as inteded
We went live with a new website on a new domain yesterday. The plan was to redirect traffic to the new domain. When you enter olddomain.org, it redirects you properly to newdomain.com as it should.I work for financial institution that uses online banking. The URL for our online banking system has been changed as well. We had an SSL certificate setup on onlinebanking.olddomain.org. My coworker setup a new SSL certificate on IIS for onlinebanking.newdomain.com. Once the site change was made I applied the new certificate to the new site and everything worked properly. However users that bookmarked onlinebanking.olddomain.org are receiving certificate errors since the cert has been applied to the new domain.So I setup a HTTP redirect to redirect onlinebanking.olddomain.org to newdomain.com. The HTTP redirect works fine when you manually...
This topic first appeared in the Spiceworks CommunityHere is the response I received for others who come across this or have a similar issue in the future:
When you open it with the URL ending in the '/', the two dot, '..', takes the browser, top one level from the current directory which is 'month-1' and looks for the 'res' directory in 'examples' directory. Where as, when you open the URL not ending in '/', it again takes the browser, top one level starting from the current directory which is 'examples' and looks for the 'res' directory on the
root and since it does not exist over there, thus it displays the page with errors. -
Migrating from Comcast PWP - redirection question
I've run my website hosted by Comcast PWP for 18 months, but it's time to move on as FileZilla stopped working and Comcast PWP support seems to have sunset.
Since I built my website by hand (HTML and Notepad) instead of using proprietary PWP tools, it's easy to move the pages to another web hosting provider.
My question is: what's the best way to redirect clicks on my Comcast PWP website to the new host?
I have a domain name (http://newbostonhistoricalsociety.com) at Register.com, and I've pointed that to the new host instead of Comcast.
Therefore anyone accessing my website from the homepage will get content from the new host.
However, many Google searches point to my individual web pages with the Comcast name embedded in the URL: http://home.comcast.net/~nbhs/cannon.html for example.
I've got a dozen or more pages like this one which got a lot of hits over the past year and a half.
I would like to preserve whatever "link juice" I've built up with the search engines while I steer traffic to the new URLs and host.
It appears that there are two popular ways to redirect traffic.
I can use a "Meta Refresh Tag" in my header or I can try to implement a 301 redirect. (I hope I'm using the correct terminology.)
The 301 redirect looks like it would globally redirect all traffic from my Comcast site to the new site.
However, I've got to create an .htaccess file in the root of my web server, and I'm not sure if I can do that with Comcast PWP or how.
I also don't understand if all clicks get redirected to the home page of the new site, which might confuse people.
Plan B is to put a "Meta Refresh Tag" into each of the separate pages' HTML files so that for example http://home.comcast.net/~nbhs/cannon.html would be redirected to the new site's URL http://newbostonhistoricalsociety.com/cannon.html . Once there, any clicks would stay on the new site.
Does anyone have thoughts about what's best?
I've read mixed reviews on the "Meta Refresh Tag" as to whether or not it upsets Search Engine Optimization.Thanks in advance for any recommendations!BethKatz wrote:
[ ... ] As I have told people who have asked, consider Google Sites. [ ... ]Yes, I've tried that - https://sites.google.com/site/johnsslackkey/ - but there isn't the freedom of doing your own HTML, CSS, and js. One must learn how to tweak Google's page builder. And I had to find a work-around for an HTML5 audio player, since Google sites are not HTML5. Ditto with Tumblr. Which is why I really wanted a host with which I could simply FTP content to build the site. AlterVista seems OK in that respect ... test page here. This is the fastest way to move stuff off the Comcast host. -
Traffic move through Proxy Server in Production
Hello,
Internet
|
Internet Router
|
Internet switch
|
IPS
|
Firewall
|
IPS
Inside ()---- Access-sw----------Core-SW------------DMZ
This is my Company network diagram, all data go through the firewall IPS is Inline mode on Acess and Core sw static route is configured for firewall but management wants all inside (Noc Room Helpdesk Team and Third Party members) traffic must pass via Proxy server that is connected to Core switch Please anybody tell me How can i do this in a Production Enviornment and which type of changes i need to do on Access or Core Switch.They will use Squid for Proxy on Linux ServerWCCP can be used to redirect traffic to the proxy server. See below a configuration example:
http://www.crypt.gen.nz/papers/cisco_squid_wccp.html
Don't forget to rate all posts that are helpful by clicking on the stars below. -
Iptables and tor, reroute all traffic for security... Help?
I'm attempting to route all TCP traffic that does not go through polipo through port 9040, tor's default TransPort. My web browser uses polipo to cache stuff, so I'd like to keep it in place if possible. However, all non-http traffic needs to be sent through the transPort. My current config, which does not take into account rerouting, is below:
# Generated by iptables-save v1.4.15 on Fri Oct 12 16:33:33 2012
#*nat
#:PREROUTING ACCEPT [12:3420]
#:INPUT ACCEPT [1:261]
#:OUTPUT ACCEPT [0:0]
#:POSTROUTING ACCEPT [0:0]
#-A OUTPUT ! -p tcp -m owner --owner-uid tor -j REDIRECT --to-ports 9040
#-A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 9053
#COMMIT
# Completed on Fri Oct 12 16:33:33 2012
# Generated by iptables-save v1.4.15 on Fri Oct 12 16:33:33 2012
*filter
:INPUT DROP [9:1175]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [8:488]
# allow loopback
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# allow NTPD time syncs
-A OUTPUT -p udp --dport 123 -j ACCEPT
# allow tor
-A OUTPUT -j ACCEPT -m owner --uid-owner tor
-A OUTPUT -p tcp --dport 9040 -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
# allow BitTorrent
-A OUTPUT -p tcp --dport 6969 -j ACCEPT
-A OUTPUT -p tcp --dport 51413 -j ACCEPT
-A OUTPUT -p udp --dport 51413 -j ACCEPT
# allow pings (still not working. fix?)
-A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
-A INPUT -p icmp --icmp-type 8 -m conntrack --ctstate NEW -j ACCEPT
# allow traffic on established connections
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
COMMIT
# Completed on Fri Oct 12 16:33:33 2012
as you can see, I've already tried to redirect traffic using the --uid-owner polipo rule. So far, it's just caused iptables to spit out errors. I'm stumped, so I thought I'd come to you wonderful people at the Archlinux forums for help.Using the command you gave me, I found that the polipo user is indeed executing /usr/bin/polipo. Other than that, polipo is executing no processes.
I tried adding the following to my iptables rules nat section:
-A OUTPUT -p tcp -m tcp -m owner ! --uid-owner polipo -j ACCEPT
-A OUTPUT -p tcp -m tcp -m owner ! --uid-owner polipo -j REDIRECT --to-ports 9040
polipo now works, but the rest of my traffic that should go to the TransPort gets blocked.
[EDIT]
I'm now trying the same thing, except that I've chained privoxy with polipo like so:
browser > privoxy > polipo > tor > internet
my iptables rules look like this:
# Generated by iptables-save v2.4.15 on Fri Oct 12 16:33:33 2012
*nat
:PREROUTING ACCEPT [12:3420]
:INPUT ACCEPT [1:261]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
#-A OUTPUT -p tcp -m tcp -m owner ! --uid-owner tor -j REDIRECT --to-ports 9040
-A OUTPUT -p tcp -m tcp -m owner ! --uid-owner tor -m owner ! --uid-owner polipo -m owner ! --uid-owner privoxy -j REDIRECT --to-ports 9040
COMMIT
# Completed on Fri Oct 12 16:33:33 2012
# Generated by iptables-save v1.4.15 on Fri Oct 12 16:33:33 2012
*filter
:INPUT DROP [9:1175]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [8:488]
# general
-A OUTPUT -p tcp -m owner --uid-owner tor -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# allow loopback
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -p all -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
# allow NTPD time syncs
-A OUTPUT -p udp --dport 123 -j ACCEPT
# allow tor
-A OUTPUT -p tcp --dport 9040 -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp --dport 8123 -j ACCEPT
-A OUTPUT -p tcp --dport 8118 -j ACCEPT
# allow pings
-A OUTPUT -p icmp --icmp-type 8 -j ACCEPT
COMMIT
# Completed on Fri Oct 12 16:33:33 2012
and it STILL won't route traffic right. iptables redirects to the TransPort, but any traffic passed through polipo or privoxy reveals "connection reset" error message. Help?
Last edited by ParanoidAndroid (2013-03-12 01:50:51)
Maybe you are looking for
-
I want to use the old version of FF from my previous pc. I saved the profile folder etc on the old pc. The old HD is attached to the new pc via USB. How do I tell what version the old one was? After installing the old version on the new pc I want to
-
I have a really old iPod mini that i have music on that I need to transfer to my library and new iPod. I no longer have certain songs in my library and it wont let me transfer them to the library from the mini. Help would be great!
-
I thought I was installing an update and now iTunes will not open on my computer... HELP!!!!
-
IPad mini Wifi 64GB Black Crashes frequently
I have an iPad mini Wifi 64GB Black, it frequently crashes when I'm using it, this can happen at anytime, for example, when reading a book in iBooks, playing Chess, using safari etc. Has anyone else had this problem? If so, we're you able to resolve
-
WM - Confirm Transfer Order - and automated Goods Issue posting
Hi We operate Warehouse Management, on the Sales Process that has been implemented, we have standard sales order, delivery with a transfer order created in WM, when the TO for the delivery is confirmed in WM (tcode LT12) this usually automatically cr