Mailinglist Archive: opensuse-security (670 mails)
| < Previous | Next > |
Re: [suse-security] Iptables-Redirect
- From: Thomas Goetz <thomas.goetz@xxxxxxxx>
- Date: Tue, 27 Nov 2001 20:55:19 +0100
- Message-id: <3C03EFA7.998179C3@xxxxxxxx>
Hi Ralph,
of course I've checked this !
Regards
Thomas
Ralf Ronneburger schrieb:
>
> Hi Thomas,
>
> are you sure, that the firewall is running? Check that out first, try to
> do something that's not allowed or use iptables -vL.
>
> Greetings,
>
> Ralf
>
> Thomas Goetz wrote:
>
> > Hi all,
> >
> > imagine a server (SuSE 7.3) at a school with diskless clients
> (etherboot/ltsp) working on it.
> > Internet via ippp0, ibod, iptables, SuSEFirewall2 2.0, junkbuster
> (Port 1234)
> > [to keep the kids away from 'junk'] chained to squid (Port 5678).
> >
> > Clients connected via eth0.
> >
> > Idea is not to allow direct http access for eth0 and local accounts,
> all this traffic has to run
> > through the proxy chain.
> >
> > Redirect-Rule in firewall2.rc.config:
> > FW_REDIRECT="0/0,0/0,tcp,80,1234"
> >
> > The traffic gets not redirected, no log entries about redirect.
> >
> > The same thing worked on 7.0 with ipchains and firewall 1.7.
> >
> > Any ideas ?
> >
> > Thanks in advance
> >
> >
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
--
-----------------------------------------------------------------
Thomas Götz * Röntgenstrasse 37 * 95032 Hof * +49 9281 92323
http://www.bnhof.de/~ho4562 mailto:Thomas.Goetz@xxxxxxxx
-----------------------------------------------------------------
Wir, die guten Willens sind, geführt von Ahnungslosen, versuchen
für die Undankbaren, das Unmögliche mit Unfähigen zu erreichen.
(Kung Fu Tse, AKA Konfuzius)
-----------------------------------------------------------------
of course I've checked this !
Regards
Thomas
Ralf Ronneburger schrieb:
>
> Hi Thomas,
>
> are you sure, that the firewall is running? Check that out first, try to
> do something that's not allowed or use iptables -vL.
>
> Greetings,
>
> Ralf
>
> Thomas Goetz wrote:
>
> > Hi all,
> >
> > imagine a server (SuSE 7.3) at a school with diskless clients
> (etherboot/ltsp) working on it.
> > Internet via ippp0, ibod, iptables, SuSEFirewall2 2.0, junkbuster
> (Port 1234)
> > [to keep the kids away from 'junk'] chained to squid (Port 5678).
> >
> > Clients connected via eth0.
> >
> > Idea is not to allow direct http access for eth0 and local accounts,
> all this traffic has to run
> > through the proxy chain.
> >
> > Redirect-Rule in firewall2.rc.config:
> > FW_REDIRECT="0/0,0/0,tcp,80,1234"
> >
> > The traffic gets not redirected, no log entries about redirect.
> >
> > The same thing worked on 7.0 with ipchains and firewall 1.7.
> >
> > Any ideas ?
> >
> > Thanks in advance
> >
> >
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
--
-----------------------------------------------------------------
Thomas Götz * Röntgenstrasse 37 * 95032 Hof * +49 9281 92323
http://www.bnhof.de/~ho4562 mailto:Thomas.Goetz@xxxxxxxx
-----------------------------------------------------------------
Wir, die guten Willens sind, geführt von Ahnungslosen, versuchen
für die Undankbaren, das Unmögliche mit Unfähigen zu erreichen.
(Kung Fu Tse, AKA Konfuzius)
-----------------------------------------------------------------
| < Previous | Next > |