SuseFirewall2 - HTTPS
Hi everyone! I am using the susefirewall2 in a machine which connects directly to the internet and acts as a proxy for the other workstations in my network. All the workstations connect to the Internet throw that machine. I have tested with trafic www and it worked, but the trafic that comes from https is blocked in the firewall. I have tried to place the https port in the parameter FW_SERVICES_INT_TCP="https", but it didn't work. Any idea ? thanks Joao Reis P.S: Sorry about my english :-)
On Tue, 04 Feb 2003, Joao Reis wrote:
I am using the susefirewall2 in a machine which connects directly to the internet and acts as a proxy for the other workstations in my network.
All the workstations connect to the Internet throw that machine.
I have tested with trafic www and it worked, but the trafic that comes from https is blocked in the firewall.
I have tried to place the https port in the parameter FW_SERVICES_INT_TCP="https", but it didn't work.
No it won't - this parameter is for services on the firewall, not the internet. To use firewall2 to allow https to private ip addresses you need to set up masquerading - follow the instructions in paragraphs 5 and 6 of the config. But you will also want a filter that stops everything but https from being masqueraded. I am not sure how to do this extra filtering in firewall2 but look at paragraph 15. I think that modern proxies like squid or cyberguard have other ways of dealing with https I am not familiar with so you might want to check the docs for your proxy product. If you need to come back to the list let us know which proxy product you are running. Sorry this is terse. Hope this helps.
participants (2)
-
dproc -
Joao Reis