[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FW: Transparent Proxy and IPChains

To: firewalls@Lists.GNAC.NET, owner-firewall-wizards@lists.nfr.net
Subject: FW: Transparent Proxy and IPChains
From: Jason L. Esman <jesman@edpm.com>
Date: Fri, 14 Apr 2000 15:21:13 -0500

    [ The following text is in the "Windows-1252" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Hello,
 Long time reader first time writer, I have a Linux system using IPChains
and Squid for the proxy/cache. I want to make my people use the proxy to
browse the internet. The Linux box is our gateway to the internet and does
masq no one can get out without going through this box. This is what i've
tried to do:

Squid Conf:
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

IpChains:
/sbin/ipchains -A input -j ACCEPT -i lo -p tcp -d 127.0.0.1/32 80
/sbin/ipchains -A input -j ACCEPT -i eth1 -p tcp -s 192.168.1.0 -d
192.168.1.5/32 80
/sbin/ipchains -A input -j REDIRECT 3128 -i eth1 -p tcp -s 192.168.1.5 -d
192.168.1.255/0 80$

When a user does not setup a proxy server in MSIE or Netscape it don't work.
Any idea, what I want to do is redirect all trafic to the internet to use
port 3128 via the proxy. Any ideas suggestions hints etc...
Thanks,
 Jason L. Esman


-
[To unsubscribe, send mail to majordomo@lists.gnac.net with
"unsubscribe firewalls" in the body of the message.]

Prev by Date: [FW1] OT - TCPDUMP posts risk or not?
Next by Date: Wannabe Hacker Group
Prev by thread: RE: [FW1] OT - TCPDUMP posts risk or not?
Next by thread: ROUTING PROBLEM ( OUT OF TOPIC ) 2ND POST
Index(es):
- Date
- Thread