Mailinglist Archive: opensuse-security (616 mails)
| < Previous | Next > |
Re: Re: [suse-security] SuSeFirewall2 and Squid, Transparent Proxy
- From: Robert Rottscholl <lv426@xxxxxxx>
- Date: Wed, 06 Mar 2002 22:03:41 +0100
- Message-id: <3C86842D.1000800@xxxxxxx>
Hi,
I think I remember that I've read that the 2.4 (squid) is better for the
2.4 (kernel) because of other memory menagement and other ip iplementation.
Ciao ;-)
Robert Rottscholl - DE
tacchino801@xxxxxxxxx wrote:
> Hi, Robert
>
> 1 of all:
> Really many thanks for your answear and suggestion!
>
> Now I go to install the squid v2.4!
> But let me know undestand better a concept...Do you think that Squid 2.4
> is "required" to use transparent proxy with kernel 2.4?!
>
> Great, You are beginning to speak Italian! ;-)
>
> Thanks and regards
> Lorenzo
>
>
>>Hi Lorenzo,
>>
>>I adopt that you use kernel 2.4.x! So if you use kernel 2.4.x you have
>>to use squid 2.4 (because it has some advantages which take affect when
>>using kernel 2.4.x).
>>And I think you should reconfigure you redirect option like:
>>FW_REDIRECT="192.168.1.0/24,!<SERVERIP>,tcp,80,3128
>>192.168.1.0/24,!<SERVERIP>,udp,80,3128"
>>
>>I hope that will help you.
>>
>>Ciao ;-)
>>
>>Robert Rottscholl - DE
>>
>>tacchino801@xxxxxxxxx wrote:
>>
>> > HI,
>> > It is a long time that I read suse security mailing-list.
>> >
>> > I figured my SuseFirewall1 v 5.0 and squid 2.3 for transparent proxy,
>> > all works well!
>> > I used Manuals of my "Suse 7.2 Pro" box.
>> >
>> >
>> > Now I installed "Suse 7.3 Pro" I configured SuseFirewall2 script but I
>> > have a problem with SuseFirewall2 v2.0 and Squid 2.3.
>> > Transparent proxy does not work, and I can not understand why?
>> >
>> > I used iptraf to see the connections...clients access directly to
>> > network and not through squid ip address!!
>> >
>> > Networks Manuals of "Suse 7.3 Pro" are the same of "Suse 7.2" but the
>> > Suse Firewall is updated from 1 to 2!
>> > There are no specific mention to this!
>> >
>> > I have configued the SuseFirewall2 script with this lines:
>> > FW_SERVICE_SQUID="yes"
>> > FW_REDIRECT="192.168.1.0/24,0/0,tcp,80,3128
>>192.168.1.0/24,0/0,udp,80,3128"
>> >
>> > The squid.conf file is so configured:
>> >
>> > httpd_accel_host virtual
>> > httpd_accel_port 80
>> > httpd_accel_with_proxy on
>> > httpd_accel_uses_host_header on
>> >
>> > Many thanks
>> > Lorenzo Rossi
>> >
>>
>>
>>
>>
>>--
>>To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
>>For additional commands, e-mail: suse-security-help@xxxxxxxx
>>Security-related bug reports go to security@xxxxxxx, not here
>>
>>
I think I remember that I've read that the 2.4 (squid) is better for the
2.4 (kernel) because of other memory menagement and other ip iplementation.
Ciao ;-)
Robert Rottscholl - DE
tacchino801@xxxxxxxxx wrote:
> Hi, Robert
>
> 1 of all:
> Really many thanks for your answear and suggestion!
>
> Now I go to install the squid v2.4!
> But let me know undestand better a concept...Do you think that Squid 2.4
> is "required" to use transparent proxy with kernel 2.4?!
>
> Great, You are beginning to speak Italian! ;-)
>
> Thanks and regards
> Lorenzo
>
>
>>Hi Lorenzo,
>>
>>I adopt that you use kernel 2.4.x! So if you use kernel 2.4.x you have
>>to use squid 2.4 (because it has some advantages which take affect when
>>using kernel 2.4.x).
>>And I think you should reconfigure you redirect option like:
>>FW_REDIRECT="192.168.1.0/24,!<SERVERIP>,tcp,80,3128
>>192.168.1.0/24,!<SERVERIP>,udp,80,3128"
>>
>>I hope that will help you.
>>
>>Ciao ;-)
>>
>>Robert Rottscholl - DE
>>
>>tacchino801@xxxxxxxxx wrote:
>>
>> > HI,
>> > It is a long time that I read suse security mailing-list.
>> >
>> > I figured my SuseFirewall1 v 5.0 and squid 2.3 for transparent proxy,
>> > all works well!
>> > I used Manuals of my "Suse 7.2 Pro" box.
>> >
>> >
>> > Now I installed "Suse 7.3 Pro" I configured SuseFirewall2 script but I
>> > have a problem with SuseFirewall2 v2.0 and Squid 2.3.
>> > Transparent proxy does not work, and I can not understand why?
>> >
>> > I used iptraf to see the connections...clients access directly to
>> > network and not through squid ip address!!
>> >
>> > Networks Manuals of "Suse 7.3 Pro" are the same of "Suse 7.2" but the
>> > Suse Firewall is updated from 1 to 2!
>> > There are no specific mention to this!
>> >
>> > I have configued the SuseFirewall2 script with this lines:
>> > FW_SERVICE_SQUID="yes"
>> > FW_REDIRECT="192.168.1.0/24,0/0,tcp,80,3128
>>192.168.1.0/24,0/0,udp,80,3128"
>> >
>> > The squid.conf file is so configured:
>> >
>> > httpd_accel_host virtual
>> > httpd_accel_port 80
>> > httpd_accel_with_proxy on
>> > httpd_accel_uses_host_header on
>> >
>> > Many thanks
>> > Lorenzo Rossi
>> >
>>
>>
>>
>>
>>--
>>To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
>>For additional commands, e-mail: suse-security-help@xxxxxxxx
>>Security-related bug reports go to security@xxxxxxx, not here
>>
>>
| < Previous | Next > |