Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: [suse-security] Transparent proxy ...
  • From: Richard Ems <r.ems.mtg@xxxxxxx>
  • Date: Mon, 05 Feb 2001 11:34:16 +0100
  • Message-id: <3A7E81A8.93AB3B96@xxxxxxx>
Peter Wiersig wrote:

> Richard Ems:
> > Hi Frank!
> >
> > Mi idea was to build a Firewall where PC1 would ONLY do packet filtering
> > (masq, forw, redir, etc.) and PC2 would do the rest (snmp server, pop
> > server, proxy server, dns server, etc.) Also the hardware is very different
> > on both PC's:
> > PC1: 1 x 700 Mhz, 64 MB RAM, IDE
> > PC2: 2 x 700 Mhz, 512 MB RAM, SCSI, more disk space than PC1
> >
> > mmmm, now I'm not so sure ...
> >
> > What do you think?
> >
> > Richard
> I would do the same as you. Setup PC1 as screening router and go with the
> other stuff on PC2.
> In what part of the setup do you have problems.
> (not via list because its not really security related - its more of an
> configuration question.)
> Peter

Hi Peter!
My problem is that I wan't to configure a transparent proxy for http, https and
ftp (and if possible nntp also!) running squid on PC2. So PC1 should
transparently forward requests to these ports to squid at PC1 where squid would
look for permissions and in the cache or ask PC1 (the only PC connected to the
internet) for the requested data.
My problem is HOW to configure my ipchains rules, ipmasqadm rules or whatsoever
to make this redirection and portforwarding or so!
Any ideas where to look for some help? Or have you configured something like
this? Or should I move the squid proxy server from PC2 to PC1?

Thanks, Richard

Richard Ems
... e-mail: r.ems@xxxxxxx
... Fachbereich Informatik, Universit├Ąt Hamburg

Unix IS user friendly. It's just selective about who its friends are.

< Previous Next >