I have a network that has Internet service through a squid proxy with a
shorewall firewall.
The network I manage, 192.168.30.0/12, is for computers that have Internet
access.
But the team that is in the subnet 192.168.50.0/12 should not go out on
any port; it must have all ports closed.
I did the following:
Within the params file I have the variable L_NOREG, holding the subnet that
I do not want to have Internet access:
L_NOREG="192.168.50.0/12"
I have redirected port 80 to the LAN port to squid port 443 open and equal
to the local network.
ACCEPT loc:$L_NOREG all tcp 80,8080,443
ACCEPT loc:$L_NOREG net tcp 443
REDIRECT loc : 3018 tcp $ 80.8080 L_NONET
Here I tell shorewall to let all the local network go to ports 80 and 8080
(squid), except the network that is registered in the variable L_NOREG.
When I reload these settings, the whole network goes down and it does not let
me out on ports 80 and 443, and only the 30.0 subnet should get out.
What am I doing wrong?
My policy configuration file:
loc ACCEPT loc
loc all REJECT info
net all DROP info
fw all ACCEPT
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
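
An added example, not part of the original post: a small check that normalizes the CIDR values in a Shorewall-style params file the way iptables does (host bits masked off) and reports variables whose networks overlap. L_NOREG and both subnet values come from the post; L_REG is a hypothetical variable name for the allowed subnet, and the params text is a constructed sample.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample in Shorewall params style. L_NOREG and both values are
# from the post; L_REG is a hypothetical name for the allowed subnet.
SAMPLE_PARAMS = '''
L_REG="192.168.30.0/12"
L_NOREG="192.168.50.0/12"
'''

# Matches simple VAR=a.b.c.d/n assignments, tolerating quotes and stray spaces.
ASSIGN = re.compile(r'^\s*(\w+)\s*=\s*"?\s*([0-9.]+/\d+)\s*"?\s*$')

def parse_params(text):
    """Return {variable: CIDR string as written} for simple assignments."""
    found = {}
    for line in text.splitlines():
        m = ASSIGN.match(line.split('#', 1)[0])  # drop trailing comments
        if m:
            found[m.group(1)] = m.group(2)
    return found

def audit(params):
    """Return findings: values with host bits set, and overlapping variables."""
    findings = []
    nets = {}
    for name, cidr in params.items():
        # strict=False masks off host bits, as iptables does with -s/-d
        net = ipaddress.ip_network(cidr, strict=False)
        nets[name] = net
        if str(net) != cidr:
            findings.append(
                f"{name}: {cidr} is really {net} ({net.num_addresses} addresses)")
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):
            findings.append(f"{a} and {b} overlap: {na} vs {nb}")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_params(SAMPLE_PARAMS)):
        print(finding)
```

With a /12 prefix both values reduce to the same network, so a rule written for one variable also matches every host covered by the other.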