Mailinglist Archive: opensuse-security (605 mails)
| < Previous | Next > |
Re: [suse-security] web Firewall question
- From: "Alan" <aumanlung@xxxxxxxxxxx>
- Date: Sun, 14 Oct 2001 22:13:31 +0800
- Message-id: <011901c154ba$67f404a0$0100a8c0@home01>
Internet --------(firewall 1 [X.X.X.10]:80) --------(3128 :Proxy:
80)---------( 80: firewall 2:80)---------80:Web Server
If someone what to access my web server (X.X.X.10) Public IP.
Then the first firewall will only forward the traffic to this ip port 80 and
443. to the proxy server..
Next is proxy server will need pass through the firewall 2 and go in the Web
server ( Private IP)
Two question :
The first is how to use squid to build reverse proxy server and tell that
server to go to the web server get information.
Because the normal user from outside.. They don't know the setting how to
.....
The second is Proxy to firewall 2 ... I will use port forward function.
Thank
Alan Au
----- Original Message -----
From: "Scott Courtney" <courtney@xxxxxxx>
To: "Alan" <aumanlung@xxxxxxxxxxx>; <suse-security@xxxxxxxx>
Sent: Sunday, October 14, 2001 9:33 PM
Subject: Re: [suse-security] web Firewall question
> On Sunday 14 October 2001 09:17 am, Alan wrote:
> > Hi all,
> > I have question on design the firewall on the web server My idea is
like
> > that
> >
> >
> > Internet --------(firewall 1) --------(Proxy)---------(firewall
2)---------
> > Web Server
> >
> >
> > I need most secure setting on that. Any suggestion?
> >
>
> We will probably need more details on what you are trying to accomplish.
>
> What is the reason for the two firewalls, and what will be filtered by
each?
> Are you masquerading, and if so, on which firewall? Will firewall 1 be
allowing
> some inbound traffic, in effect making the network between firewalls 1 and
2
> a DMZ? If so, what else besides the proxy will be on it?
>
> Scott
>
> --
> -----------------------+--------------------------------------------------
----
> Scott Courtney | "I don't mind Microsoft making money. I mind them
> courtney@xxxxxxx | having a bad operating system." -- Linus
Torvalds
> http://www.4th.com/ | ("The Rebel Code," NY Times, 21 February 1999)
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>
>
>
| < Previous | Next > |