question squid + firewall + http server inside firewall

To: List - Debian Security <debian-security@lists.debian.org>
Subject: question squid + firewall + http server inside firewall
From: Hanasaki JiJi <hanasaki@hanaden.com>
Date: Wed, 04 Jun 2003 23:41:40 -0500
Message-id: <[🔎] 3EDECA04.90008@hanaden.com>

I have the below rules in my firewall. the http server is inside thefirewall on 192.168.1.2:80

	people can hit it fine from the outside
	squid is running on the firewall
	inside can browser ouside via squid just fine
	inside cannot browse the outside address

Any thought/input would be appreciated.

# http server
$PROG -t nat -A PREROUTING -i $NIC_EXTERNAL -p tcp \
        -s 0/0 --dport http \
        -j DNAT --to-destination 192.168.1.2:80
$PROG -t mangle -A FORWARD -i $NIC_EXTERNAL -s 0/0 \
        -o $NIC_INTERNAL -d 192.168.1.2 -p tcp --dport http \
        -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

Reply to:

Prev by Date: Re: how to help with security in debian
Next by Date: RE: question squid + firewall + http server inside firewall
Previous by thread: Re: how to help with security in debian
Next by thread: RE: question squid + firewall + http server inside firewall
Index(es):
- Date
- Thread