I''m new, my name''s Christ, and I''ve started using
shorewall in the
past few weeks.
problem I''m having, is thus:
Web/ACCEPT users servs
Web/ACCEPT users $FW #Accept Web traffic.
REDIRECT users 3129 tcp www #forward
it to myself
Web/ACCEPT $FW all #then allow myself to access teh web.
these are supposed to redirect all web access from the "users" zone to
the "wan" zone (not shown) to the squid proxy on port 3129.
It''s
additionally supposed to accept all traffic from the users zone to the
servs zone (line 1) and pass it on untouched (as supported by
underlying routing tables) however, it''s instead passing all http
requests from users to servs through the squid proxy.
what have I done wrong ?
--
(\_/) This is Bunny. Copy and paste Bunny
(=''.''=) into your signature to help him gain
(")_(") world domination.
------------------------------------------------------------------------------
The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your
production scanning environment may not be a perfect world - but thanks to
Kodak, there''s a perfect scanner to get the job done! With the NEW
KODAK i700
Series Scanner you''ll get full speed at 300 dpi even with all image
processing features enabled. http://p.sf.net/sfu/kodak-com
Christ Schlacta wrote:> I''m new, my name''s Christ, and I''ve started using shorewall in the > past few weeks. > > problem I''m having, is thus: > Web/ACCEPT users servs > Web/ACCEPT users $FW #Accept Web traffic. > REDIRECT users 3129 tcp www #forward > it to myself > Web/ACCEPT $FW all #then allow myself to access teh web. > > these are supposed to redirect all web access from the "users" zone to > the "wan" zone (not shown) to the squid proxy on port 3129. It''s > additionally supposed to accept all traffic from the users zone to the > servs zone (line 1) and pass it on untouched (as supported by > underlying routing tables) however, it''s instead passing all http > requests from users to servs through the squid proxy. > > what have I done wrong ?I''ve already advised the OP on IRC to use ACCEPT+ rather than ACCEPT. That corrected the problem. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there''s a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you''ll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com
the OP ? thanks again Tom~ On Mon, May 11, 2009 at 6:39 PM, Tom Eastep <teastep@shorewall.net> wrote:> Christ Schlacta wrote: >> I'm new, my name's Christ, and I've started using shorewall in the >> past few weeks. >> >> problem I'm having, is thus: >> Web/ACCEPT users servs >> Web/ACCEPT users $FW #Accept Web traffic. >> REDIRECT users 3129 tcp www #forward >> it to myself >> Web/ACCEPT $FW all #then allow myself to access teh web. >> >> these are supposed to redirect all web access from the "users" zone to >> the "wan" zone (not shown) to the squid proxy on port 3129. It's >> additionally supposed to accept all traffic from the users zone to the >> servs zone (line 1) and pass it on untouched (as supported by >> underlying routing tables) however, it's instead passing all http >> requests from users to servs through the squid proxy. >> >> what have I done wrong ? > > I've already advised the OP on IRC to use ACCEPT+ rather than ACCEPT. > That corrected the problem. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > > ------------------------------------------------------------------------------ > The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your > production scanning environment may not be a perfect world - but thanks to > Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 > Series Scanner you'll get full speed at 300 dpi even with all image > processing features enabled. http://p.sf.net/sfu/kodak-com > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > >-- (\_/) This is Bunny. Copy and paste Bunny (='.'=) into your signature to help him gain (")_(") world domination. ------------------------------------------------------------------------------ The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there's a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you'll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
Christ Schlacta wrote:> the OP ? thanks again Tom~OP == "Original Poster" -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ The NEW KODAK i700 Series Scanners deliver under ANY circumstances! Your production scanning environment may not be a perfect world - but thanks to Kodak, there''s a perfect scanner to get the job done! With the NEW KODAK i700 Series Scanner you''ll get full speed at 300 dpi even with all image processing features enabled. http://p.sf.net/sfu/kodak-com