Displaying 20 results from an estimated 20000 matches similar to: "fw to fw question"
2004 Oct 11
5
Fw: setting an exception source to a redirect rule?
I recently setup shorewall on my freshly rebuilt router box.
I setup transparent proxying using transproxy/dansguardian/privoxy/squid.
My current rules for the redirect are:
REDIRECT loc 81 tcp www - !192.168.100.0/24
ACCEPT fw net tcp www
How do I set this so that all the request are redirected except for requests FROM a certain machine (192.168.100.11)?
I
2005 Jan 19
2
Specify rule bypass by domain with wildcards?
I have a rule setup to transparently proxy all normal web traffic
through Dan''s Guardian for filtering.
However, there are a few sites that simply do not work right through a
transparent proxy.
The biggest of these is yahoo mail.
Most sites are not a problem to add to the exemption list.
Yahoo, however, apparently uses many servers for the webmail system.
There is the main server
2006 Feb 17
3
dansguardian+squid masquerading not working
Hello Everyone!
I am using shorewall-3.0.5 on suse linux.
Recently we have implemented dansguardian running on 8080 and squid on
port 3128.
Previously (before dans guardian) masquerading was working fine but
after the implementation of dansguardian masquerading is not working.
My rules file has entry
Previous entry was
ACCEPT loc:192.192.192.3 net
REDIRECT loc 8080 tcp
2015 Feb 20
2
sipsak 200 for a user, but 404 for a different user...why?
What's the difference between user "123" and "devries"? Based on the
output here, they seem the same..?
tleilax*CLI>
tleilax*CLI> sip show users
Username Secret Accountcode
Def.Context ACL Forcerport
201 password 201
default No Yes
123
2007 Jan 08
2
shorewall/dansguardian/squid problem
ive got a config thats
client -> server ->Dansguardian->Squid -> onward adn I want to
transparently redirect web traffic to DG/Squid
Not sure where the problem lies - hoping you guys can help me and at
least tell me that its NOT my shorewall config
heres the configs
When I point a browser straight at 3128 or 3129 I get web pages back
and the appropriate stuff in the logs .
I get a
2004 Mar 23
2
outgoing redirect
I am trying to help a school run dansguardian transparent. I added the
following to shorewalls rules, and from a tail of messages it seemed to be
working, but he called saying no one had Internet. What should the rule be
if this does not redirect port 80 to 8080?
REDIRECT loc 8080 tcp www -
!10.192.0.2 (web on dmz)
ACCEPT fw net tcp www
2009 Aug 18
3
Rules based on ipmasq
Hi,
I had installed squid with ntlm authentication and content filtering
from this tutorial:
http://www.howtoforge.com/dansguardian-with-multi-group-filtering-and-squid-with-ntlm-auth-on-debian-etch.
Next to last point is firewall configuration by ipmasq but I have
installed shorewall. This is content of I89tproxy.rul file:
#!/bin/sh
#
# redirect http requests to non-local hosts to the
2006 Feb 10
4
Transparent http proxy
Hi all,
I''m trying to set up a transparent proxy with dansguardian, and running
into some strange issues with the squid setup without dansguardian. I have
used shorewall for quite some time, and I''m stumped as to why I can''t get
this to work. Here is a brief synopsis of my network.
loc --> gateway/firewall--> net
I have the following policies:
#firewall to
2002 May 14
3
Forwarding and Sub Zone
Hello,=09
=09I have a setup where the lan zone, eth0, will be forwarded through a=20
transpanent proxy (dansguardian and squid with squidguard) for web access=
=2E =20
Now I want a few computers that are part of the lan zone to be free from =
the=20
time, content restrictions. I tryed making a sub zone called webgp, and=20
adding a rule that alows webgp to wan on 80. I then added these few=20
2015 Feb 20
2
sipsak 200 for a user, but 404 for a different user...why?
On Fri, 20 Feb 2015 08:46:13 -0500, Andres wrote:
> A "sip set debug on" will give you more info on why you are getting the
> 404. It probably has to do something with your context/dialplan.
on tleilax:
tleilax*CLI>
tleilax*CLI> sip set debug on
SIP Debugging enabled
tleilax*CLI>
on doge:
thufir at doge:~$
thufir at doge:~$ sudo sipsak -vv -s sip:devries at
2006 Jan 10
0
R for Windows Proxy Solution
For errors with:
download.file()
install.package()
update.package()
any other command that R uses to access the internet
Setting up a proxy in R 2.2.1 for windows.
I work at a Central Bank so our firewall and proxy are very particular. To
allow R to access the net I did the following:
1. In order for other programs, specifically STATA, to access the internet
we use a program called Privoxy.
2005 Apr 24
6
redirect: net to fw
I have router/server that I would like to ssh to from the net. In
order to discourage brute force attacks I would like to redirect all
connections on a non-standard port to port 22 on the router/server.
If notice that setting up a rule
REDIRECT net 22 tcp 4104
causes the firewall to open both ports 4104 and 22 to connections from
the net. Is it possible to only redirect 4104 to the
2002 May 14
4
Redirect loc::80 to fw::3128 not work
The rule:
ACCEPT loc $FW::3128 tcp www
doesn''t work propertly, the http access does not redirect
to squid but directly exit.
what''s wrong?
Thanks
-------
Dario Lesca (d.lesca@ivrea.osra.it)
--------------------------------------
@@@@@@@ this is my shorewall-1.2.13 config:
#[/etc/shorewall/common.def]-----------------------------------------------
2005 Apr 19
14
allow ssh access from net to fw?
Hi,
I''m trying to enable ssh (when that works, want to add:pop3s,smtp,web) from
the internet to the firewall but it does not work.
I managed to DNAT ftp to a host in the loc network (192.168.0.50) successful
but I don''t know why SSH:
Does not work for me:
ACCEPT net fw tcp 22
Works from the loc network:
ACCEPT loc fw tcp 22
I have tried also with (no success):
AllowSSH
2004 Oct 06
9
Problem with local email after shorewall installation
Hi,
Summary of problem:
Local mail on the firewall stopped working after installing shorewall
Background
yesterday I installed shorewall, based on the debian package from
www.backports.org
(which seems to be a 2.0.3 package) on an otherwise virgin debian woody set up.
Configuration was done based on the two-interface setup.
Kernel is 2.6.8.1 unpatched. A 2.4.23 kernel, with
2005 Feb 18
7
$FW in tcrules
Hi Folks,
I''m a new user to Shorewall, it came installed on the redWall firewall
that I am using and I''m really happy with both projects! Thanks for all
your work on it!
I have a question about tcrules and $FW. I''m doing source policy
routing and need to be able to add an output rule to the mangle chain
with a source that is specific network, not 0.0.0.0/0. It
2005 Jan 04
4
Shorewall redirect with Squid and Dansguardian
Hi all,
I''ve just built Mandrake 10.1 on a Compaq Deskpro that I''ve built as a
router/firewall and am redirecting port 80 outbound to force users through
the Content Filter. I''ve run this setup on Mandrake 9.0 and 10.0 without any
problems but this time the following happens.
Squid is accessed through port 3128 and Dansguardian via 8080.
If I set my browser on a
2004 Aug 10
2
IP of FW showing instead of server''s IP
Hi,
I have a 3 interface FW like this:
http://shorewall.greshko.com/GSLUG_files/slide0008_image004.png
where I use PROXYARP to give the servers in DMZ an IP from our public IP
range.
A bit like this:
http://shorewall.greshko.com/GSLUG_files/slide0042_image026.png
proxyarp:
xxx.23.52.145 eth1 eth0 - yes
xxx.23.52.146 eth1 eth0 - yes
xxx.23.52.147 eth1 eth0 - yes
xxx.23.52.148 eth1 eth0 - yes
2003 Jan 14
1
Access to fw from only 1 specific IP on the internet
I''m a bit confused about the zones vs. rules regulatives.
Scenario:
I''m setting up an firewall for a friend with loc, net and dmz zones (and
ofcourse the firewall itself fw).
I need to be able to remotely administrate it, either through ssh or
webinterface, because of the physical distance.
lets asume my public IP at home is 80.80.80.80
Would it (if we focus on ssh connection
2004 Sep 27
1
fw2fw
Is there such a rule are fw to fw ? For instance, how do I specify localhost
to localhost, or a eth1 to eth1 interface?