Any idea !! .. please..
2014/1/22 I.S.C. William <[email protected]>
> I have a network that has internet service through a squid proxy with
> shorewall firewall .
>
> I manage the network 192.168.30.0/12 is for computers that have Internet
> access .
>
> But the team that are in the subnet 192.168.50.0/12 should not go out to
> any port , you must have all ports closed .
>
> I did the next ..
>
> Have within the params file the variable L_NOREG placing the subnet not
> want you to have Internet access :
>
> L_NOREG = " 192.168.50.0/12 "
>
> I have redirected port 80 to the LAN port to squid port 443 open and equal
> to the local network.
>
> ACCEPT loc : $ L_NOREG all tcp 80,8080,443
> ACCEPT loc : $ L_NOREG net tcp 443
> REDIRECT loc : 3018 tcp $ 80.8080 L_NONET
>
> Here I tell shorewall let me go all the local network to port 80 and 8080
> ( squid ) exept the network that is registered in the variable L_NOREG
>
> When recharging these settings across the network goes down, and not let
> me out on port 80 and 443 and only 30.0 subnet should get out.
>
> I'll be doing wrong?
>
>
> My configuration file I Policy :
> loc ACCEPT loc
> loc all REJECT info
> net all DROP info
> fw all ACCEPT
>
--
*Atte.*
*ISC. William López Jiménez*
*Ingeniero en Sistemas*
*Computacionales*
*User Linux: 379636*
*Twitter: @koalasoft*
*MSN: wljkoala23[a]hotmail.com <http://hotmail.com>*
*LinkedIn: **http://linkd.in/Q2U6q7 <http://linkd.in/Q2U6q7>*
*Web: http://koalasoft.wordpress.com <http://koalasoft.wordpress.com>
<http://www.koalasoftmx.tk>*
P Salva un Árbol... Por favor, no imprimas este em@il a menos que sea
necesario.
*AVISO DE CONFIDENCIALIDAD*
*Este correo electrónico es confidencial y para ser leído y utilizado
exclusivamente por la(s) persona(s) a quien(es) se dirige. Si el lector de
esta transmisión electrónica no es el destinatario, se le notifica que
cualquier distribución o copia de la misma está estrictamente prohibida. Si
ha recibido este correo por error le suplicamos notificar inmediatamente a
la persona que lo envió y borrarlo definitivamente de su sistema.*
*CONFIDENTIALITY NOTICE*
*This electronic mail transmission is confidential, may be privileged and
should be read or retained only by the intended recipient. If the reader of
this transmission is not the intended recipient, you are hereby notified
that any distribution or copying hereof is strictly prohibited. If you have
received this transmission in error, please immediately notify the sender
and delete it from your system.*
------------------------------------------------------------------------------
CenturyLink Cloud: The Leader in Enterprise Cloud Services.
Learn Why More Businesses Are Choosing CenturyLink Cloud For
Critical Workloads, Development Environments & Everything In Between.
Get a Quote or Start a Free Trial Today.
http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
