Hi Reiner,
multi lan is if you maintain several local area networks all connected
to the same Firewall.
"Can you substantiate that statement with some URL's?"
No, I can look if someone else discovered the same issue in the Forums.
"It turns out"
We discovered this in-house.
Code of squid.inc:
foreach ($ifaces as $iface) {
$rules .= "# Setup squid pass rules for proxy\n";
$rules .= "pass in quick on $iface proto tcp from any to
!($iface) port 80 flags S/SA keep state\n";
$rules .= "pass in quick on $iface proto tcp from any to
!($iface) port $port flags S/SA keep state\n";
$rules .= "\n";
};
The rules are loaded before the custom configured rule-set. Meaning it
will allow access to http servers from one LAN to the other LAN.
Best regards,
Rocco
Reinier Battenberg wrote:
"it turns out"
Can you substantiate that statement with some URL's?
Else, i dont consider it a true statement.
And for non-networkies: what is Multi-LAN?
rgds,
Reinier Battenberg
Director
Mountbatten Ltd.
+256 782 801 749
www.mountbatten.net
Do you have a businessplan? Make your idea work: www.startyourbusiness.ug
On Monday 30 November 2009 17:12:46 IT-Doc24 Ltd. - Rocco Radisch wrote:
Hi Joseph,
pfSense has modules to work either way, as normal web proxy or as a
reverse proxy. If you need help we have done a couple of custom pfSense
installations as well as custom re-programming of front and back-end.
Furthermore, it turns out that the standard pf rules used in conjunction
with a transparent web-proxy installation will open security flaws if
used in a multi-wan & multi-lan set-up.
Best regards,
Rocco
Reinier Battenberg wrote:
Hi Joseph,
This seems more targetted at the other end of proxiying.
You can put this proxy in front of your website, which will take the load
off your apache server.
rgds,
Reinier Battenberg
Director
Mountbatten Ltd.
+256 782 801 749
www.mountbatten.net
Do you have a businessplan? Make your idea work: www.startyourbusiness.ug
On Monday 30 November 2009 14:50:04 joseph mpora wrote:
Pfsense has been pretty good for us, haven't seen need to change :)
Joseph
On 11/30/09, Emmanuel Mulo <[email protected]> wrote:
Hi all,
I am not sure whether this information has been previously posted on
this mailing list, however I saw something about Yahoo traffic server
being released as open source. Since I have seen previously a number
of requests concerning proxy servers for load balancing, content
filtering etc... would be interesting to hear from any sysadmins
experimenting with this. It is used by Yahoo so it has to be good for
something no? :)
http://cwiki.apache.org/confluence/display/TS/Traffic+Server
http://ostatic.com/blog/guest-post-yahoos-cloud-team-open-sources-traff
ic -server
Anybody who does something with it please update us.. at least I would
be interested to hear.. Joseph? Reinier?
cheers
Mulo
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The List's Host is not responsible for them in any
way. ---------------------------------------
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The List's Host is not responsible for them in any
way. ---------------------------------------
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The List's Host is not responsible for them in any
way. ---------------------------------------
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The List's Host is not responsible for them in any
way. ---------------------------------------
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The List's Host is not responsible for them in any way.
---------------------------------------
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The List's Host is not responsible for them in any way.
---------------------------------------
