You should load the necessary kernel modules for ftp or static compile in to
the kernel. The kernel module takes car of the protocol details for ftp.
----- Original Message -----
From: Philipp Snizek
Does this also work for ftp?
Sorry not to mention that squid runs on the firewall. ----- Original Message ----- From: Oyku Gencay
To: Joelly Alexander ; SuSE Security Sent: Friday, October 12, 2001 12:01 PM Subject: Re: [suse-security] netfilter with transparent squid Try this.
$IPTABLES -t nat -A PREROUTING -p TCP -i $LAN_IFACE --dport 80 -j REDIRECT --to-port 3128 you should also have $IPTABLES -A -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -t nat -A POSTROUTING -o $INET_IFACE -j MASQUERADE ....
$IPTABLES is the path to the iptables executable and $LAN_IFACE and $INET_IFACE should be your corresponding NIC such as eth0, eth1.
My default polcies are to DROP, and you should also make the required configuration in squid.
Hope this helps.
Regards, Oyku Gencay
----- Original Message ----- From: Joelly Alexander
To: Sent: Friday, October 12, 2001 12:06 PM Subject: [suse-security] netfilter with transparent squid does anyone know how to setup a netfilter-firewall with transparent squid ? there is a document called "transparent proxy with linux and squid mini-howto"; sure it works, but only when the default policies are set to accept; for higher security my default policies are set to drop and the transparent answer my requests;
does anyone have a similar szenario that works ? are there some samples or useful hints avaliable ?
thx alex
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com