why not just route all port 80 destined packets to the proxy? you can do
this on the gateway. if you have a router, route all port 80 to the
proxy by setting the next hop of these packets to the gateway.
Junix Gaspar wrote:
On 3/27/07, *Ariz Jacinto* <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
Hi Junix,
what software / rules did you use to drop those packets?
Actually, I am using ISA 2004, In one of the firewall rules of ISA ,
you right click on and there goes configure HTTP and on the header
TAB, I just put block all headers with "X-Forwarded-For", "Via" and
http 1.0 (although I dont get the reason why this last one should be
blocked), out of curiousity, I just blocked it as well.
Hayyy, kainis.
But I configure a squid proxy server to test a "proxy" connection and
even with that header blocking, it still works. Since I dont know much
in using ethereal and/or other pocket sniffer that reads and analyze
such HEADER, I'm kinda stuck and left thinking that maybe squid
doesn't use put this X-Forwarded-For for its clients request to the
parent proxy.
hayyy more googling I guess.
I will try this Header blocking in Squid. Hopefully I will it will
yield a different result.
ps, I am chaining ISA, dansguardian and squid and it works like a
charm except for that rugue proxy being used against me. hayyy
------------------------------------------------------------------------
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph
