[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Squid as default gateway in proxy mode.

On Sun, Apr 15, 2012 at 4:49 PM, Pascal Hambourg <pascal@plouf.fr.eu.org> wrote:
> Muhammad Yousuf Khan a écrit :
>>
>> i know ICMP didnt have ports and it is a layer 4 proto.
>
> ICMP is tranported on top on IP which is a layer 3 (network) protocol,
> but that does not make it a layer 4 protocol. ICMP provides services
> that are part of the IP protocol, so it is rather a layer 3 protocol.
>
>> secondly the concern that this is not the right approach. i know that
>> this is not a way of blocking stuff. i should have drop the traffic
>> one by one after opening  all the traffic.
>
> Rather the other way around : you should accept specific traffic and
> block everything else by default.
>
>> i know in other words we are talking about "Transparent " proxy.
>
> No, this is packet filtering and has nothing to do with transparent proxy.

did you mean this.


1, PAT all the traffice  by iptables
2. Block everything
3, accept only specific traffice
4, on port 80 Squid will be acting as a proxy.


if it is what you mean , can you please give me just few liner script
in which i will PAT all the traffic and then i block every thing and
accept only particular one, like  port 110, 25,  80 and etc.


Thanks,
Reply to: