I really appreciate the clear directions on how to use TPROXY with Squid3. I've previously used a REDIRECT/intercept proxy, and switching to using TPROXY took only a couple of minutes. (even with IPv6!)
I do have a question, though: I run an Apache server on my router as well. It's only visible internally, and is useful as it lets me use some of the squid log tools, like SARG, to view proxy usage. Similarly, I use the apache server to serve a "access denied" page from squidGuard. This presents a problem, though: Computers inside the firewall can't see the $FW machine's apache server. Is there something that's part of the TPROXY setup that doesn't really allow for this? When I look at the rule: ACCEPT loc $FW tcp 80 I think it's straighforward enough; however when I want to access the Apache server, I really do need ot use port 80. So is there a way to get around this in shorewall, or would I be forced to use port 8080 (or similar) for the apache server? Thanks! -- Troy Telford ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
