Visibility of the server on the network from the outside

P

proshev2012-09-16 21:47:34

System administration

proshev, 2012-09-16 21:47:34

Hello! The question is simple, but nevertheless I ask you to help me navigate :)

It is planned to install a server in the home local network, on which some applications will hang on some ports (for example, MySQL, Apache, SSH, etc.). The server will receive the Internet using a Wi-Fi adapter or via a twisted pair cable (I have not chosen it yet) from the router (the firewall is enabled on the router). So here's how to configure the server and / or router so that:

1) some set of ports can only be accessed from the local network (Apache, MySQL, WebMin)
2) some set of ports can be reached from the outside (SSH, FTP)
3) access to other ports was blocked

Server based on Ubuntu 12.04

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

N

Nikolai Turnaviotov, 2012-09-16
@foxmuldercp

"Server over Wifi" is a bad option.
second - * SQL servers usually hang only on the localhost by default and in principle it is not necessary to open access to them, except for the option if the web server and * sql server live on different hosts.
3. Setting up and forwarding ports on the router, especially the home options of dlink, linksis, tplink, asus - quite simply in the web interface.
4. if you forward a port from an external network to an internal network, all internal machines consider that the traffic is internal and then you need to differentiate access for the IP address of the router to the world and all other machines

I

Igor, 2012-09-17
@shanker

Why do you need FTP? Not only is it unsafe (to drive login and pass in the open in traffic). You can take advantage of the secure alternative that SSH provides you. Namely: SFTP

I

Ilya Ableev, 2012-09-16
@ableev

1+2: MySQL, Apache, SSH - allow you to programmatically differentiate access based on the network.
3: iptables?