Re: Port forwarding - Aaarghh!!
Hi
-----Original Message-----
From: ^chewie <chewie@nerp.net>
To: Marcin Owsiany <porridge@lo4.ids.bielsko.pl>
Cc: debian-firewall@lists.debian.org <debian-firewall@lists.debian.org>;
recipient list not shown: ; <recipient list not shown: ;>
Date: 30 June 1999 10:45
Subject: Re: Port forwarding - Aaarghh!!
>On Wed, 30 Jun 1999, Marcin Owsiany wrote:
>
[snip]
>It looks like what you're trying to do is redirect outgoing web
>traffic to a web proxy server. What you may need to do is an ipchains
>rule that redirects outgoing traffice destined to port 80 of the
>external network to a local port. Then, try to use the program called
>"transproxy" to forward traffic from that local port to the proxy
>server. I haven't implemented it's use here yet, but I'm going
This is what we do, except we're still using a 2.0.x kernel with ipfwadm.
It works quite well. Basically you do this:
on firewall:
1) Set up ipfwadm/ipchains rule to allow connections from proxy to
0/0 port 80
2) Set up ipfwadm/ipchains rule to redirect any other connections
to 0/0 80 to local port 8080 (just pick an unused port.)
3) Install "transproxy" (I think I found a link to it on
http://squid.nlanr.net/) and set it up to connect to proxy on the
appropriate port.
on proxy:
Set up as normal.
Hope this helps.
--
Michael Wood | Tel: +27 21 762 0276 | http://www.kingsley.co.za/
wood@kingsley.co.za | Fax: +27 21 761 9930 | Kingsley Technologies
Reply to: