My kernel has the "transparent proxy stuff" compiled in, that's not the
problem.
The squid proxy server was running for the last months whitout any problems,
but I have to tell all users to set their browsers to use the proxy server, the
same for ftp. Some ftp clients (ftp, ncftp) don't (or I don't know how) support
proxys, and it's a mess having to tell all your clients and all your users how
to configure the programs. That's why I'm trying to use "transparent proxying"!
So my default route to the internet would be always through PC1, gateway is
always PC1, and noone has to bother setting any proxy servers.
The firewall should redirect internal incoming requests to http, https and ftp
to PC2 to be handled by squid (is this user allowed to connect to the
internet?)
So what I need is to do a redirect AND a prot forwarding? How does this work?
Example?
Something like:
on PC1:
redirect port 80 to 8080
ssh -R PC2:3128:8080
???
Thanks, rems
Alexander Bien wrote:
> Hi,
> Try to recompile your kernel to enable transparent proxy stuff, then use
> SuSE firewall packages to actually configure PC1 to forward packets to PC2.
> (or vice versa)
>
> See www.squid-cache.org 's FAQ section for details about the config of SQUID
> when beeing used as transparent proxy..
>
> Regards
>
> --
>
> Mit freundlichen Grüßen
>
> Alexander Bien
>
> --
> PIRONET NDH
> Alexander Bien - Technical Assistant - SBU Services
> Josef-Lammerting-Allee 14-18, 50933 Cologne - Germany
> Tel.: +49 (0)172 7760569 - Fax: +49 (0)221 770 2815
> mailto:[EMAIL PROTECTED] - http://www.pironet.com
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Richard Ems
> > Sent: Friday, February 02, 2001 3:02 PM
> > To: [EMAIL PROTECTED]
> > Subject: [suse-security] Transparent proxy ...
> >
> >
> > Hi all!
> >
> > Here my scenario:
> >
> >
> > Internet
> > |
> > |
> > |
> > PC1: Packet Filtering ---------+
> >
> > SWITCH------- Internal LAN
> > PC2: SQUID Proxy Server ------+
> > Mail Server
> > DNS caching only server
> >
> > What I'm trying to configure is a kind of port forwarding from PC1 to
> > PC2. Is this possible?
> > HTTP, HTTPS, and FTP should be redirected from PC1 to PC2 (e.g. PC1:80
> > to PC2:3128)
> >
> > I've searched in the archives, read the HOWTO's but didn't find any
> > answer?
> >
> > Any help would be VERY appreciated !
> >
> > Thanks, Richard
> >
> > --
> > Richard Ems
> > ... e-mail: [EMAIL PROTECTED]
> > ... Fachbereich Informatik, Universität Hamburg
> >
> > Unix IS user friendly. It's just selective about who its friends are.
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
--
Richard Ems
... e-mail: [EMAIL PROTECTED]
... Fachbereich Informatik, Universität Hamburg
Unix IS user friendly. It's just selective about who its friends are.
