Mailinglist Archive: opensuse-security (670 mails)
| < Previous | Next > |
Re: [suse-security] Iptables-Redirect
- From: Ralf Ronneburger <ralf@xxxxxxxxxxxxxx>
- Date: Tue, 27 Nov 2001 18:38:27 +0100
- Message-id: <3C03CF93.1070801@xxxxxxxxxxxxxx>
Hi Thomas,
are you sure, that the firewall is running? Check that out first, try to
do something that's not allowed or use iptables -vL.
Greetings,
Ralf
Thomas Goetz wrote:
> Hi all,
>
> imagine a server (SuSE 7.3) at a school with diskless clients (etherboot/ltsp) working on it.
> Internet via ippp0, ibod, iptables, SuSEFirewall2 2.0, junkbuster (Port 1234)
> [to keep the kids away from 'junk'] chained to squid (Port 5678).
>
> Clients connected via eth0.
>
> Idea is not to allow direct http access for eth0 and local accounts, all this traffic has to run
> through the proxy chain.
>
> Redirect-Rule in firewall2.rc.config:
> FW_REDIRECT="0/0,0/0,tcp,80,1234"
>
> The traffic gets not redirected, no log entries about redirect.
>
> The same thing worked on 7.0 with ipchains and firewall 1.7.
>
> Any ideas ?
>
> Thanks in advance
>
>
are you sure, that the firewall is running? Check that out first, try to
do something that's not allowed or use iptables -vL.
Greetings,
Ralf
Thomas Goetz wrote:
> Hi all,
>
> imagine a server (SuSE 7.3) at a school with diskless clients (etherboot/ltsp) working on it.
> Internet via ippp0, ibod, iptables, SuSEFirewall2 2.0, junkbuster (Port 1234)
> [to keep the kids away from 'junk'] chained to squid (Port 5678).
>
> Clients connected via eth0.
>
> Idea is not to allow direct http access for eth0 and local accounts, all this traffic has to run
> through the proxy chain.
>
> Redirect-Rule in firewall2.rc.config:
> FW_REDIRECT="0/0,0/0,tcp,80,1234"
>
> The traffic gets not redirected, no log entries about redirect.
>
> The same thing worked on 7.0 with ipchains and firewall 1.7.
>
> Any ideas ?
>
> Thanks in advance
>
>
| < Previous | Next > |