Failed User Redirect

از ویکی پارس پویش
پرش به: ناوبری, جستجو

محتویات

Introduction

We want to redirect user, to user panel, when user fails to login. User can use his panel to recharge his own account, create a support ticket or send a message to administrator. The idea is using failed login username feature of IBSng, to redirect user to user panel.

IBSng Configuration

As previously mentioned we need a failed user with multiple login and special ip pool, and set that as failed_login_username attribute of IN ras See Failed Login Username This feature is available on version B1.33 Tag 48 and afterwards.

Network Configuration

A network rule needs to be setup, to redirect all failed user ip pool and dst port 80 traffic to IBSng server port 8000.

Warning
Don't forget to exclude IBSng ip address from redirection rule

A sample configuration for mikrotik, assuming IBSng ip address is 10.0.0.3 and failed user ip pool contains ip in range 192.168.20.0/24 

 0   chain=dstnat dst-address=10.0.0.3 protocol=tcp dst-port=80 action=return
 1   chain=dstnat src-address=192.168.20.0/24 protocol=tcp dst-port=80 action=dst-nat to-addresses=10.0.0.3 to-ports=8000

A sample configuration for Linux, assuming IBSng ip address is 10.0.0.3 and failed user ip pool contains ip in range 192.168.20.0/24 

iptables -t nat -I PREROUTING -d 10.0.0.3/32 -j RETURN
iptables -t nat -A PREROUTING -s 192.168.20.0/24 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.3:8000
iptables -t nat -A POSTROUTING -s 192.168.20.0/24 -p udp -m udp --dport 53 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.20.0/24 -p tcp -m tcp --dport 53 -j MASQUERADE
iptables -t nat -I POSTROUTING -s 10.0.0.0/23 -d www.pec24.com -j MASQUERADE

Apache Configuration

Apache needs to be configured to listen on port 8000 and redirect any request to registeration form

Listening on an extra port

Add these lines to /etc/apache2/ports.conf 

NameVirtualHost *:8000
Listen 8000

Create IBS Failed Redirect Site

Create ibs_failed_redirect file under /etc/apache2/sites-available. Replace x.x.x.x with a ng in user accessible ip of IBSng server. 

<VirtualHost *:8000>
        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/
        <Directory />
                Options FollowSymLinks
                AllowOverride All
        </Directory>
        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>


        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog /var/log/apache2/access.log combined

        RewriteEngine on
        RewriteRule .* http://x.x.x.x/IBSng-tg/failedUser [R]

</VirtualHost>

Enabling Site and Modules

Run 

a2ensite ibs_failed_redirect
a2enmod rewrite
برگرفته از «http://wiki.parspooyesh.net/index.php?title=Failed_User_Redirect&oldid=161»
ابزارهای شخصی

گویش‌ها
فضاهای نام
عملکردها
گشتن
جعبه‌ابزار