SuSeFirewall2 and Squid, Transparent Proxy
HI, It is a long time that I read suse security mailing-list. I figured my SuseFirewall1 v 5.0 and squid 2.3 for transparent proxy, all works well! I used Manuals of my "Suse 7.2 Pro" box. Now I installed "Suse 7.3 Pro" I configured SuseFirewall2 script but I have a problem with SuseFirewall2 v2.0 and Squid 2.3. Transparent proxy does not work, and I can not understand why? I used iptraf to see the connections...clients access directly to network and not through squid ip address!! Networks Manuals of "Suse 7.3 Pro" are the same of "Suse 7.2" but the Suse Firewall is updated from 1 to 2! There are no specific mention to this! I have configued the SuseFirewall2 script with this lines: FW_SERVICE_SQUID="yes" FW_REDIRECT="192.168.1.0/24,0/0,tcp,80,3128 192.168.1.0/24,0/0,udp,80,3128" The squid.conf file is so configured: httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on Many thanks Lorenzo Rossi
Hi Lorenzo, I adopt that you use kernel 2.4.x! So if you use kernel 2.4.x you have to use squid 2.4 (because it has some advantages which take affect when using kernel 2.4.x). And I think you should reconfigure you redirect option like: FW_REDIRECT="192.168.1.0/24,!<SERVERIP>,tcp,80,3128 192.168.1.0/24,!<SERVERIP>,udp,80,3128" I hope that will help you. Ciao ;-) Robert Rottscholl - DE tacchino801@libero.it wrote:
HI, It is a long time that I read suse security mailing-list.
I figured my SuseFirewall1 v 5.0 and squid 2.3 for transparent proxy, all works well! I used Manuals of my "Suse 7.2 Pro" box.
Now I installed "Suse 7.3 Pro" I configured SuseFirewall2 script but I have a problem with SuseFirewall2 v2.0 and Squid 2.3. Transparent proxy does not work, and I can not understand why?
I used iptraf to see the connections...clients access directly to network and not through squid ip address!!
Networks Manuals of "Suse 7.3 Pro" are the same of "Suse 7.2" but the Suse Firewall is updated from 1 to 2! There are no specific mention to this!
I have configued the SuseFirewall2 script with this lines: FW_SERVICE_SQUID="yes" FW_REDIRECT="192.168.1.0/24,0/0,tcp,80,3128 192.168.1.0/24,0/0,udp,80,3128"
The squid.conf file is so configured:
httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on
Many thanks Lorenzo Rossi
Hi Pals... from where Can I find the latest version of SuSE Firewall ? the one that came with the Pro Versions of SuSE not the commercial one... and the how-to of it. thanks bye --ed
Hi Lorenzo,
I adopt that you use kernel 2.4.x! So if you use kernel 2.4.x you have to use squid 2.4 (because it has some advantages which take affect when using kernel 2.4.x). And I think you should reconfigure you redirect option like: FW_REDIRECT="192.168.1.0/24,!<SERVERIP>,tcp,80,3128 192.168.1.0/24,!<SERVERIP>,udp,80,3128"
I hope that will help you.
Ciao ;-)
Robert Rottscholl - DE
tacchino801@libero.it wrote:
HI, It is a long time that I read suse security mailing-list.
I figured my SuseFirewall1 v 5.0 and squid 2.3 for transparent proxy, all works well! I used Manuals of my "Suse 7.2 Pro" box.
Now I installed "Suse 7.3 Pro" I configured SuseFirewall2 script but I have a problem with SuseFirewall2 v2.0 and Squid 2.3. Transparent proxy does not work, and I can not understand why?
I used iptraf to see the connections...clients access directly to network and not through squid ip address!!
Networks Manuals of "Suse 7.3 Pro" are the same of "Suse 7.2" but the Suse Firewall is updated from 1 to 2! There are no specific mention to this!
I have configued the SuseFirewall2 script with this lines: FW_SERVICE_SQUID="yes" FW_REDIRECT="192.168.1.0/24,0/0,tcp,80,3128 192.168.1.0/24,0/0,udp,80,3128"
The squid.conf file is so configured:
httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on
Many thanks Lorenzo Rossi
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Hi Pals... from where Can I find the latest version of SuSE Firewall ? the one that came with the Pro Versions of SuSE not the commercial one...
and the how-to of it.
thanks
bye
--ed
Hi Lorenzo,
I adopt that you use kernel 2.4.x! So if you use kernel 2.4.x you have to use squid 2.4 (because it has some advantages which take affect when using kernel 2.4.x). And I think you should reconfigure you redirect option like: FW_REDIRECT="192.168.1.0/24,!<SERVERIP>,tcp,80,3128 192.168.1.0/24,!<SERVERIP>,udp,80,3128"
I hope that will help you.
Ciao ;-)
Robert Rottscholl - DE
tacchino801@libero.it wrote:
HI, It is a long time that I read suse security mailing-list.
I figured my SuseFirewall1 v 5.0 and squid 2.3 for transparent proxy, all works well! I used Manuals of my "Suse 7.2 Pro" box.
Now I installed "Suse 7.3 Pro" I configured SuseFirewall2 script but I have a problem with SuseFirewall2 v2.0 and Squid 2.3. Transparent proxy does not work, and I can not understand why?
I used iptraf to see the connections...clients access directly to network and not through squid ip address!!
Networks Manuals of "Suse 7.3 Pro" are the same of "Suse 7.2" but
www.suse.com/~marc
03/06/02 08:40:34 AM, Linux - User
Suse Firewall is updated from 1 to 2! There are no specific mention to this!
I have configued the SuseFirewall2 script with this lines: FW_SERVICE_SQUID="yes" FW_REDIRECT="192.168.1.0/24,0/0,tcp,80,3128 192.168.1.0/24,0/0,udp,80,3128"
The squid.conf file is so configured:
httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on
Many thanks Lorenzo Rossi
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Hi Pals... from where Can I find the latest version of SuSE Firewall ? the one that came with the Pro Versions of SuSE not the commercial one...
OK, check FW_SERVICE_TCP_INT="3128" Recomend.. FW_SERVICE_AUTODETECT="no" FW_SERVICE_SQUID="no" Good Luck -----Mensaje original----- De: tacchino801@libero.it [mailto:tacchino801@libero.it] Enviado el: Miércoles, 06 de Marzo de 2002 04:05 a.m. Para: suse-security@suse.com Asunto: [suse-security] SuSeFirewall2 and Squid, Transparent Proxy HI, It is a long time that I read suse security mailing-list. I figured my SuseFirewall1 v 5.0 and squid 2.3 for transparent proxy, all works well! I used Manuals of my "Suse 7.2 Pro" box. Now I installed "Suse 7.3 Pro" I configured SuseFirewall2 script but I have a problem with SuseFirewall2 v2.0 and Squid 2.3. Transparent proxy does not work, and I can not understand why? I used iptraf to see the connections...clients access directly to network and not through squid ip address!! Networks Manuals of "Suse 7.3 Pro" are the same of "Suse 7.2" but the Suse Firewall is updated from 1 to 2! There are no specific mention to this! I have configued the SuseFirewall2 script with this lines: FW_SERVICE_SQUID="yes" FW_REDIRECT="192.168.1.0/24,0/0,tcp,80,3128 192.168.1.0/24,0/0,udp,80,3128" The squid.conf file is so configured: httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on Many thanks Lorenzo Rossi
participants (6)
-
Carlos Carrera -
James Bliss -
Linux - User -
Michael Appeldorn -
Robert Rottscholl -
tacchino801@libero.it