I use squid and shorewall on my Suse10.2. I have setup squid as transparent proxy and I use shorewall redirect rule. But this does not work for the https requests. Is there a way to use transparent proxy for http request and just let https request to pass through the firewall?
Thanks, Manooch -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Eastep Sent: Thursday, June 28, 2007 11:04 AM To: Shorewall Users Subject: Re: [Shorewall-users] Problem setting up VPN client - novice question Tom Eastep wrote: > Tom Eastep wrote: >> Andrew Suffield wrote: >>> On Thu, Jun 28, 2007 at 06:53:21AM -0700, Tom Eastep wrote: >>>>> No errors are reported on during the start up of shorewall. >>>>> Running "shorewall show messages" gives the >>>>> error: >>>>> >>>>> iptables: No chain/target/match by that name >>>> Shorewall has no 'show messages' command. Did you possibly want >>>> 'shorewall show log'? >>> Perhaps this syntax wants rethinking - arguments of the form >>> [foo|bar|baz|<anything else>] are usually trouble, as you can't give >>> a particularly good error message when the user makes a mistake like >>> this. >> Making a syntax change at this point would mean that many pieces of >> advise recorded in the list archives would no longer work. >> >> So I'm not in favor of such a change at this late date. > > Where there's a will, there's a way: > > gateway:/etc/shorewall.keep # shorewall show chain foo Shorewall 3.4.4 > Chain foo at gateway - Thu Jun 28 10:58:51 PDT 2007 > > Counters reset Wed Jun 27 13:28:16 PDT 2007 > > iptables: No chain/target/match by that name > gateway:/etc/shorewall.keep # shorewall show foo usage shorewall show > [ -x ] [ -m ] [-f] [ -t {filter|mangle|nat} ] [ chain... > gateway:/etc/shorewall.keep # and: gateway:/etc/shorewall.keep # shorewall show dynamic Shorewall 3.4.4 Chain dynamic at gateway - Thu Jun 28 11:03:04 PDT 2007 Counters reset Wed Jun 27 13:28:16 PDT 2007 Chain dynamic (18 references) pkts bytes target prot opt in out source destination 0 0 DROP 0 -- * * 206.124.57.2 0.0.0.0/0 gateway:/etc/shorewall.keep # -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
