RE: question squid + firewall + http server inside firewall
> -----Original Message-----
> From: Hanasaki JiJi [mailto:hanasaki@hanaden.com]
> Sent: Thursday, 5 June 2003 4:17 PM
> To: List - Debian Security
> Subject: Re: question squid + firewall + http server inside firewall
>
>
> Michael,
>
> Unfortunately, that didn't work. Your logic makes sense.
> Below is the
> output of the relevant lines: iptables -L -t nat
>
> any other ideas would be great!
>
> SNAT tcp -- 192.168.1.0/24 [internalhost] tcp dpt:www to:65.30.34.80
>
Could there be other rules in the firewall interfering
with this?
I tend to use tcpdump a lot to find out which packets
the firewall machine is seeing.
If what I originally described is happening then you'll
see packets leave the firewall to the http server but no
packets will return (they'll go directly to the internal
machine).
If the above rule is functioning then you'll see the
responses and it's a matter of checking that they're not
being blocked by some other rule.
It helps also to log what is happening as far as the http
server is concerned. And similarly on the machine making
the requests.
This is how I diagnosed my problem.
Michael
--
Michael Sharman
Dytech Solutions
(03) 6224 4116
michael.sharman@dytech.com.au
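
The tcpdump check described in the reply above, as an added example that is not part of the original message: it reads `tcpdump -n` text output captured on the firewall and reports whether the HTTP server's replies come back through it. The regex assumes the modern tcpdump IPv4 line format, and the client and server addresses are constructed stand-ins.

```python
import re

# Address part of a `tcpdump -n` IPv4 line: "IP src.port > dst.port:"
PKT = re.compile(r"\bIP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")

def diagnose(capture_lines, server_ip, port=80):
    """Summarise a capture taken on the firewall for one HTTP server."""
    requests, replies, sources = 0, 0, set()
    for line in capture_lines:
        m = PKT.search(line)
        if not m:
            continue  # ARP, IPv6, truncated lines
        src, sport, dst, dport = m[1], int(m[2]), m[3], int(m[4])
        if dst == server_ip and dport == port:
            requests += 1
            sources.add(src)  # shows whether SNAT rewrote the source
        elif src == server_ip and sport == port:
            replies += 1
    if requests == 0:
        verdict = "no-requests-seen"
    elif replies == 0:
        verdict = "replies-bypass-firewall"
    else:
        verdict = "replies-return-check-other-rules"
    return {"requests": requests, "replies": replies,
            "request_sources": sorted(sources), "verdict": verdict}

# Constructed sample captures. 192.168.1.10 (client) and 192.168.1.20
# (stand-in for the elided [internalhost]) are assumptions; 65.30.34.80
# is the SNAT address from the quoted rule.
SERVER = "192.168.1.20"
WITHOUT_SNAT = [
    "16:17:01.000101 IP 192.168.1.10.40112 > 192.168.1.20.80: Flags [S], seq 1, length 0",
    "16:17:04.000212 IP 192.168.1.10.40112 > 192.168.1.20.80: Flags [S], seq 1, length 0",
    "16:17:05.100000 ARP, Request who-has 192.168.1.1 tell 192.168.1.10, length 28",
]
WITH_SNAT = [
    "16:20:01.000101 IP 65.30.34.80.40113 > 192.168.1.20.80: Flags [S], seq 7, length 0",
    "16:20:01.000350 IP 192.168.1.20.80 > 65.30.34.80.40113: Flags [S.], seq 9, ack 8, length 0",
    "16:20:01.000500 IP 65.30.34.80.40113 > 192.168.1.20.80: Flags [.], ack 10, length 0",
]

if __name__ == "__main__":
    for name, cap in (("without SNAT", WITHOUT_SNAT), ("with SNAT", WITH_SNAT)):
        print(name, diagnose(cap, SERVER))
```

The `request_sources` field shows which source address the server sees, which is the address it will reply to.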