Hi list, I'm using Shorewall 4.5.5 on Debian stable.
I'm having some issues setting up a transparent proxy. The setup is quite complex.
Provider A        Provider B
     \              /
      \            /
       \          /
        \        /
            FW
         / ---------| \
        /              \
    Bridge            Net B
    /    \
 NetC    NetD
Nodes on NetD should access the net through a proxy located on NetB. I've set up a
config as described in
http://www.shorewall.net/Shorewall_Squid_Usage.html#idp114696
I have two different providers. I've added a marking rule and set up PRIORITY in
order to get the fwmark used first (before the rules defined in rtrules).
Here is the issue:
Packets sent to the net by nodes on NetD get correctly marked, so they get routed to
the proxy on NetB, which handles the request. Packets come back to the firewall interface
through NetB and stop there (src IP is the requested IP (e.g. www.google.com),
dest IP is the NetD node which made the HTTP request, according to tcpdump).
Although tcpdump shows the packet, there is no Shorewall log about this last incoming
packet.
Traffic from NetB is authorized to access NetD (no IP source or dest check)….
Any clue on what may be wrong?
Thanks
Christophe
