Network Infrastructure w/Jabber

Kareem Shehata kareem-d+8TeBu5bOew5LPnMra/2Q at
Thu Jul 15 16:01:07 UTC 2004

On Thu, 2004-07-15 at 11:20, Robert Brockway wrote:
> On Thu, 15 Jul 2004, Kareem Shehata wrote:
> > I have an odd question about network topology.  I'm trying to start up a
> > Jabber server, which in and of itself isn't hard  (I love Debian:
> > apt-get install jabber).  The trick is that I don't want to run jabber
> Yep, it rocks :)

After all of the IM I've seen, this is definitely some of the slickest
stuff around.  Now I just need to convince some people to use it :)

> Look at using DNAT in the netfilter firewall (iptables) to redirect ports
> from the web/email server to the other box.  Ssh can also be used to
> redirect ports but using DNAT is preferable.  Using a redirection like
> this it will look to the world like the jabber server is on the webserver
> but in reality it is elsewhere.

I was afraid that would be the case.  I'd rather avoid doing anything to
the web/email server, especially since I'm not sure if I compiled any
netfiltering capabilities into the kernel.  Oh well.  I'll just have to
live with - at least until I become satisfied with
its stability and the debian team puts the packages into stable.

> Do consider the security implications of allowing someone to pass right
> through the firwall and access a jabber server on your desktop box.  Make
> sure you keep that box fully patched.

Definitely will do!

Thanks for the help Rob.


   kareem-d+8TeBu5bOew5LPnMra/2Q at   -    Kareem Shehata     -     416-766-4911     
   Reminds me of my safari in Africa. Somebody forgot the corkscrew
   and for several days we had to live on nothing but food and
     -- W. C. Fields

The Toronto Linux Users Group.      Meetings:
TLUG requests: Linux topics, No HTML, wrap text below 80 columns

More information about the Legacy mailing list