I''m attempting to get a Squid proxy running on my firewall. I have 3 computers on the LAN (192.168.1.2-5) and the firewall (192.168.1.1) which has the Internet connection. I''ve added the following line to /etc/shorewall/rules: REDIRECT loc 3128 tcp www - !192.168.1.1 But I get the following error when restarting shorewall: Error: Invalid Target in rule "REDIRECT loc 3128 tcp www - !192.168.1.1 Any ideas?
On Sat, 24 May 2003 01:04:26 +1000, Eddie Mikhail <emikhail@bigpond.net.au> wrote:> I''m attempting to get a Squid proxy running on my firewall. I have 3 > computers on the LAN (192.168.1.2-5) and the firewall (192.168.1.1) > which has the Internet connection. > > I''ve added the following line to /etc/shorewall/rules: > > REDIRECT loc 3128 tcp www - !192.168.1.1 > > But I get the following error when restarting shorewall: > > Error: Invalid Target in rule "REDIRECT loc 3128 tcp www - !192.168.1.1 > > Any ideas?What version of Shorewall are you running? -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
I''m running Shorewall v1.2.12-1 on Debian 3.0 with Kernel 2.4.20 Eddie -----Original Message----- From: Tom Eastep [mailto:teastep@shorewall.net] Sent: Saturday, 24 May 2003 01:19 To: Eddie Mikhail; shorewall-users@lists.shorewall.net Subject: Re: [Shorewall-users] Shorewall and Squid On Sat, 24 May 2003 01:04:26 +1000, Eddie Mikhail <emikhail@bigpond.net.au> wrote:> I''m attempting to get a Squid proxy running on my firewall. I have 3 > computers on the LAN (192.168.1.2-5) and the firewall (192.168.1.1) > which has the Internet connection. > > I''ve added the following line to /etc/shorewall/rules: > > REDIRECT loc 3128 tcp www - !192.168.1.1 > > But I get the following error when restarting shorewall: > > Error: Invalid Target in rule "REDIRECT loc 3128 tcp www -!192.168.1.1> > Any ideas?What version of Shorewall are you running? -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
On Sat, 24 May 2003 09:53:57 +1000, Eddie Mikhail <emikhail@bigpond.net.au> wrote: Two things: a) If you are going to run Shorewall 1.2.12 then you need to use the 1.2.12 documentation (http://www1.shorewall.net/1.2/). WARNING 1: That documentation isn''t very good. WARNING 2: Configuring 1.2.12 is quite different (and harder) that configuring 1.4.4 (the current version). b) Shorewall 1.2.* hasn''t been supported since 1.4.0 came out several months ago. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net