Hi Rocco,
Well, if you found a bug in a FOSS project, the best thing to do is to make
sure it gets in the next release. That way, you wont have to patch all the
servers you are maintaining in the future. And so will all other pfSense
users worldwide.
I guess pfSense has a bugtracker where you can post your fix.
rgds,
Reinier Battenberg
Director
Mountbatten Ltd.
+256 782 801 749
www.mountbatten.net
Do you have a businessplan? Make your idea work: www.startyourbusiness.ug
On Tuesday 01 December 2009 08:25:42 IT-Doc24 Ltd. - Rocco Radisch wrote:
> Hi Reiner,
>
> multi lan is if you maintain several local area networks all connected
> to the same Firewall.
>
> "Can you substantiate that statement with some URL's?"
> No, I can look if someone else discovered the same issue in the Forums.
>
> "It turns out"
> We discovered this in-house.
>
> Code of squid.inc:
> foreach ($ifaces as $iface) {
> $rules .= "# Setup squid pass rules for proxy\n";
> $rules .= "pass in quick on $iface proto tcp from any to
> !($iface) port 80 flags S/SA keep state\n";
> $rules .= "pass in quick on $iface proto tcp from any to
> !($iface) port $port flags S/SA keep state\n";
> $rules .= "\n";
> };
>
> The rules are loaded before the custom configured rule-set. Meaning it
> will allow access to http servers from one LAN to the other LAN.
>
> Best regards,
> Rocco
>
> Reinier Battenberg wrote:
> > "it turns out"
> > Can you substantiate that statement with some URL's?
> >
> > Else, i dont consider it a true statement.
> >
> > And for non-networkies: what is Multi-LAN?
> >
> > rgds,
> >
> > Reinier Battenberg
> > Director
> > Mountbatten Ltd.
> > +256 782 801 749
> > www.mountbatten.net
> >
> > Do you have a businessplan? Make your idea work: www.startyourbusiness.ug
> >
> > On Monday 30 November 2009 17:12:46 IT-Doc24 Ltd. - Rocco Radisch wrote:
> >> Hi Joseph,
> >>
> >> pfSense has modules to work either way, as normal web proxy or as a
> >> reverse proxy. If you need help we have done a couple of custom pfSense
> >> installations as well as custom re-programming of front and back-end.
> >> Furthermore, it turns out that the standard pf rules used in conjunction
> >> with a transparent web-proxy installation will open security flaws if
> >> used in a multi-wan & multi-lan set-up.
> >>
> >> Best regards,
> >> Rocco
> >>
> >> Reinier Battenberg wrote:
> >>> Hi Joseph,
> >>>
> >>> This seems more targetted at the other end of proxiying.
> >>>
> >>> You can put this proxy in front of your website, which will take the
> >>> load off your apache server.
> >>>
> >>>
> >>>
> >>> rgds,
> >>>
> >>> Reinier Battenberg
> >>> Director
> >>> Mountbatten Ltd.
> >>> +256 782 801 749
> >>> www.mountbatten.net
> >>>
> >>> Do you have a businessplan? Make your idea work:
> >>> www.startyourbusiness.ug
> >>>
> >>> On Monday 30 November 2009 14:50:04 joseph mpora wrote:
> >>>> Pfsense has been pretty good for us, haven't seen need to change :)
> >>>>
> >>>> Joseph
> >>>>
> >>>> On 11/30/09, Emmanuel Mulo <[email protected]> wrote:
> >>>>> Hi all,
> >>>>>
> >>>>> I am not sure whether this information has been previously posted on
> >>>>> this mailing list, however I saw something about Yahoo traffic server
> >>>>> being released as open source. Since I have seen previously a number
> >>>>> of requests concerning proxy servers for load balancing, content
> >>>>> filtering etc... would be interesting to hear from any sysadmins
> >>>>> experimenting with this. It is used by Yahoo so it has to be good
> >>>>> for something no? :)
> >>>>>
> >>>>>
> >>>>> http://cwiki.apache.org/confluence/display/TS/Traffic+Server
> >>>>> http://ostatic.com/blog/guest-post-yahoos-cloud-team-open-sources-tra
> >>>>>ff ic -server
> >>>>>
> >>>>> Anybody who does something with it please update us.. at least I
> >>>>> would be interested to hear.. Joseph? Reinier?
> >>>>>
> >>>>> cheers
> >>>>> Mulo
> >>>>> _______________________________________________
> >>>>> LUG mailing list
> >>>>> [email protected]
> >>>>> http://kym.net/mailman/listinfo/lug
> >>>>> %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
> >>>>>
> >>>>> The above comments and data are owned by whoever posted them
> >>>>> (including attachments if any). The List's Host is not responsible
> >>>>> for them in any way. ---------------------------------------
> >>>>
> >>>> _______________________________________________
> >>>> LUG mailing list
> >>>> [email protected]
> >>>> http://kym.net/mailman/listinfo/lug
> >>>> %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
> >>>>
> >>>> The above comments and data are owned by whoever posted them
> >>>> (including attachments if any). The List's Host is not responsible for
> >>>> them in any way. ---------------------------------------
> >>>
> >>> _______________________________________________
> >>> LUG mailing list
> >>> [email protected]
> >>> http://kym.net/mailman/listinfo/lug
> >>> %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
> >>>
> >>> The above comments and data are owned by whoever posted them (including
> >>> attachments if any). The List's Host is not responsible for them in any
> >>> way. ---------------------------------------
> >>
> >> _______________________________________________
> >> LUG mailing list
> >> [email protected]
> >> http://kym.net/mailman/listinfo/lug
> >> %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
> >>
> >> The above comments and data are owned by whoever posted them (including
> >> attachments if any). The List's Host is not responsible for them in any
> >> way. ---------------------------------------
> >
> > _______________________________________________
> > LUG mailing list
> > [email protected]
> > http://kym.net/mailman/listinfo/lug
> > %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
> >
> > The above comments and data are owned by whoever posted them (including
> > attachments if any). The List's Host is not responsible for them in any
> > way. ---------------------------------------
>
> _______________________________________________
> LUG mailing list
> [email protected]
> http://kym.net/mailman/listinfo/lug
> %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
>
> The above comments and data are owned by whoever posted them (including
> attachments if any). The List's Host is not responsible for them in any
> way. ---------------------------------------
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The List's Host is not responsible for them in any way.
---------------------------------------
