Mailinglist Archive: opensuse-security (334 mails)

< Previous Next >
SuSEfirewall2 for transparent ftp-proxy (proxy-suite)?
  • From: "Tim Wilson" <timmywilly@xxxxxxxxxxx>
  • Date: Wed, 17 Sep 2003 16:56:13 +1200
  • Message-id: <BAY7-F93cCWIg6nvGMi00012fcb@xxxxxxxxxxx>
Hi folks,

Has anyone made SuSEfirewall2 work with ftp-proxy (proxy-suite) in transparent mode?

I have set everything up according to the mini-howto except using SuSEfirewall2 instead of direct ipchains commands. Non-transparent mode (UseMagicChar etc) works fine (and so does my transparent Squid http proxy), but when I attempt to ftp in tranparent mode eg
$ ftp ftp.suse.de
then I get the following message:
USER-WRN requested transparent proxy dest 192.168.3.3 is local
^^^^^^^^^^^
This is the internal address of my firewall (running the proxy).

Is there is something about the way SuSEfirewall2 does redirection that loses the original destination address? Or does it work for everyone else and I've just messed up the configuration?

A few details:
I do not use masquerading, since the external network is connected to the Internet with a ADSL modem/bridge that does NAT, so I redirect with FW_FORWARD. I am interested only in FTPing from the internet to local machines.

I am using SuSEfirewall2-3.1-28 and ftp proxy "(Version 1.7tp7 - 2001/06/20 21:05:20)" on SuSE 7.2 (kernel 2.4.4) straight off the CD (apart from those two packages).

Thanks for your help,

Tim

_________________________________________________________________
Surf the net and talk on the phone with Xtra Jetstream @ http://www.xtra.co.nz/products/0,,5803,00.html !


< Previous Next >
This Thread
  • No further messages