| Douglas Muth on 16 Feb 2012 19:39:39 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] network choice from the application level |
On Thu, Feb 16, 2012 at 10:09 PM, Eric at Lucii.org <eric@lucii.org> wrote: > > Is it possible for the applications (PHP) to select which of the two > OUTGOING IP addresses it uses to talk to the database server? > > The database people want the requests to come FROM a different IP > address depending on the particular application. > > I think it's impossible. I'm not aware of any way to do that in PHP, but iptables may be an option. Unfortunately, I'm not that advanced with iptables. Your best bet may be to make the "offending" PHP application try connecting to an alternate IP address or maybe an alternate port on the target machine and then rewriting the source and target info with iptables. Something like: iptables -A PREROUTING -p tcp --dport $ALTERNATE_PORT -j DNAT --to-destination $DATABASE_IP:$CORRECT_PORT iptables -A POSTROUTING -m connect --ctstate DNAT -j SNAT --to-source $ALTERNATE_IP I haven't tested that config, though. -- Doug ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug