[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

question squid + firewall + http server inside firewall

I have the below rules in my firewall. the http server is inside the firewall on
	people can hit it fine from the outside
	squid is running on the firewall
	inside can browser ouside via squid just fine
	inside cannot browse the outside address

Any thought/input would be appreciated.

# http server
$PROG -t nat -A PREROUTING -i $NIC_EXTERNAL -p tcp \
        -s 0/0 --dport http \
        -j DNAT --to-destination
$PROG -t mangle -A FORWARD -i $NIC_EXTERNAL -s 0/0 \
        -o $NIC_INTERNAL -d -p tcp --dport http \
        -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

Reply to: