2012/4/16 troxlinux <xserverli...@gmail.com>:
> Hi list, I have a proxy behind a router; the router only offers NAT to the
> proxy. All my LAN is connected to the proxy to get out to the Internet. The
> proxy works in a transparent way with shorewall, with one network
> card. The problem is that it works for me in transparent mode, but I
> cannot connect to https pages.
>
> These are my rules files:
>
> Ping/ACCEPT net $FW
> SSH/ACCEPT net $FW
> ACCEPT net $FW tcp 8080,80,9090,3128,5222,3000,10000,443,69
> ACCEPT $FW net tcp 443,53,80
> ACCEPT net $FW udp 161,162,69
> ACCEPT $FW net udp 161,162,53,69
> ACCEPT+ net:172.16.8.49 net
> REDIRECT net 8080 tcp 80 - - 20/sec:5
> # Permit all ICMP traffic FROM the firewall TO the net zone
> ACCEPT $FW net icmp
>
> If I set the proxy manually on the PC, https works perfectly. The proxy and
> shorewall run on the same PC.

I tried to put in

interfaces

net eth0 detect blacklist

zones

fw firewall
net ipv4

policy

$FW net ACCEPT
net $FW ACCEPT info
net all DROP info
# The FOLLOWING POLICY MUST BE LAST
all all REJECT info

but https doesn't work for me

regards

--
rickygm
http://gnuforever.homelinux.com