Home | Content | Search | Navigation | Indexes
 

Mailinglist Archive: opensuse-security (605 mails)

< Previous Next >
AW: [suse-security] netfilter with transparent squid
  • From: "Philipp Snizek" <mailinglists@xxxxxxxxx>
  • Date: Fri, 12 Oct 2001 11:13:24 +0200
  • Message-id: <000001c152fe$25a44d20$b600000a@xxxxxxxxxxxxxx>

Does this also work for ftp?


>
>
>Sorry not to mention that squid runs on the firewall.
>----- Original Message -----
>From: Oyku Gencay <oykug@xxxxxxxxxx>
>To: Joelly Alexander <alex@xxxxxxxxxx>; SuSE Security
><suse-security@xxxxxxx>
>Sent: Friday, October 12, 2001 12:01 PM
>Subject: Re: [suse-security] netfilter with transparent squid
>
>
>> Try this.
>>
>> $IPTABLES -t nat -A PREROUTING -p TCP -i $LAN_IFACE --dport 80 -j
>> REDIRECT --to-port 3128
>> you should also have
>> $IPTABLES -A -m state --state ESTABLISHED,RELATED -j ACCEPT
>> $IPTABLES -t nat -A POSTROUTING -o $INET_IFACE -j MASQUERADE
>> ....
>>
>> $IPTABLES is the path to the iptables executable and $LAN_IFACE and
>> $INET_IFACE should be your corresponding NIC such as eth0, eth1.
>>
>> My default polcies are to DROP, and you should also make the required
>> configuration in squid.
>>
>> Hope this helps.
>>
>> Regards,
>> Oyku Gencay
>>
>> ----- Original Message -----
>> From: Joelly Alexander <alex@xxxxxxxxxx>
>> To: <suse-security@xxxxxxxx>
>> Sent: Friday, October 12, 2001 12:06 PM
>> Subject: [suse-security] netfilter with transparent squid
>>
>>
>> > does anyone know how to setup a netfilter-firewall with transparent
>> > squid ?
>> > there is a document called "transparent proxy with linux and squid
>> > mini-howto";
>> > sure it works, but only when the default policies are set
>to accept;
>> > for higher security my default policies are set to drop and the
>> > transparent answer my requests;
>> >
>> > does anyone have a similar szenario that works ?
>> > are there some samples or useful hints avaliable ?
>> >
>> > thx alex
>> >
>> > --
>> > To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
>> > For additional commands, e-mail: suse-security-help@xxxxxxxx
>> >
>>
>>
>> --
>> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
>> For additional commands, e-mail: suse-security-help@xxxxxxxx
>>
>
>
>--
>To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
>For additional commands, e-mail: suse-security-help@xxxxxxxx
>



< Previous Next >
References