Hi Thomas, I used this one in my old configuration file under 7.3: FW_REDIRECT="192.168.0.0/24,0/0,tcp,80,3128" and it worked. Try iptables -vL to find out, what SuSEFirewall comes up with after processing your config-file. Besides, I would not use "0/0,0/0" for a proxy, because you probably only want the people from the inside to use your proxy... Best Regards, Ralf Thomas Goetz wrote:
Hi Ralph,
of course I've checked this !
Regards Thomas
Ralf Ronneburger schrieb:
Hi Thomas,
are you sure, that the firewall is running? Check that out first, try to do something that's not allowed or use iptables -vL.
Greetings,
Ralf
Thomas Goetz wrote:
Hi all,
imagine a server (SuSE 7.3) at a school with diskless clients (etherboot/ltsp) working on it. Internet via ippp0, ibod, iptables, SuSEFirewall2 2.0, junkbuster (Port 1234) [to keep the kids away from 'junk'] chained to squid (Port 5678).
Clients connected via eth0.
Idea is not to allow direct http access for eth0 and local accounts, all this traffic has to run through the proxy chain.
Redirect-Rule in firewall2.rc.config: FW_REDIRECT="0/0,0/0,tcp,80,1234"
The traffic gets not redirected, no log entries about redirect.
The same thing worked on 7.0 with ipchains and firewall 1.7.
Any ideas ?
Thanks in advance
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com