Simply, is it possible to make nginx log all the request information (source address, protocol, headers, etc.)? Especially, in some parseable format.
How can I properly add basic network filters (clean-traffic or, at least, ip-spoofing prevention) to XEN (xend) guests managed by libvirt?
Or, in particular, can I manually execute libvirt's nwfilters from a script (for given parameters)?
I am using libvirt's network to create the bridge (default, bridge virbr0), but, apparently, the xen's vif-bridge script is used to initialize the virtualized system's networking, and libvirt drops nwfilter definitions in domain's xml (probably because it is converted to xen's native config).
Is it possible to do some port redirection on linux for IPv6 alongside the IPv4 redirection?
The point is to make all the various services — that are running on separate hosts / virtual systems — available on example.com as well as sumehost.example.com (which pretty much works that way anyway with iptables prerouting for IPv4).
In a perfect case this would be something like ICMP message “for this port on this host connect to that host”, but I don't know if that's possible in IPv6.
Is it possible (and how) to set up two servers to handle mail for a domain (or two domains) in such a way that any of the servers can get down for a while (like few days) transparently, i.e. so that users will still be able to modify own mail over IMAP (like marking it as read, deleting, etc.)?
Getting the mail delivered in any way is easily done by setting MX records; but what mail storage can be used that way? In the best case it should be able to change data at both disconnected nodes and merge (with any way of conflict resolving) on synchronizations (couchdb comes to mind, although not completely applicable here).
I have exim4+courier-imap currently set up, but it won't be a critical problem to replace then with something.
How can I set up apache2 (or nginx, possibly) to serve the same set of virtual hosts over both HTTP and HTTPS?
The certificate part is not the problem — all virtual hosts are inside one subdomain and I use a wildcard certificate for it.
I'm thinking of using proxypass for it, but, first, it seems slightly ineffective and, second, I'm not sure whether it would be secure (i.e. so that server cannot be asked over HTTPS for some irrelevant host); and I don't (yet) see how this can be set up in apache anyway.
EDIT: Duplication of configuration parts is undesirable, i.e. it is still a last-resort solution.
Is there any way to forcefully limit OpenVPN client's addresses?
I.e. for each of multiple clients (identified by certificates) offer a specific IP address and disallow it to use any other.
It (something at least) has to be done on OpenVPN level itself, since there seems to be no differentiation between clients on the tap interface on server, but I can't find anything appropriate.