similar to: fw to fw question

I recently setup shorewall on my freshly rebuilt router box. I setup transparent proxying using transproxy/dansguardian/privoxy/squid. My current rules for the redirect are: REDIRECT loc 81 tcp www - !192.168.100.0/24 ACCEPT fw net tcp www How do I set this so that all the request are redirected except for requests FROM a certain machine (192.168.100.11)? I

I have a rule setup to transparently proxy all normal web traffic through Dan''s Guardian for filtering. However, there are a few sites that simply do not work right through a transparent proxy. The biggest of these is yahoo mail. Most sites are not a problem to add to the exemption list. Yahoo, however, apparently uses many servers for the webmail system. There is the main server

Hello Everyone! I am using shorewall-3.0.5 on suse linux. Recently we have implemented dansguardian running on 8080 and squid on port 3128. Previously (before dans guardian) masquerading was working fine but after the implementation of dansguardian masquerading is not working. My rules file has entry Previous entry was ACCEPT loc:192.192.192.3 net REDIRECT loc 8080 tcp

What's the difference between user "123" and "devries"? Based on the output here, they seem the same..? tleilax*CLI> tleilax*CLI> sip show users Username Secret Accountcode Def.Context ACL Forcerport 201 password 201 default No Yes 123

ive got a config thats client -> server ->Dansguardian->Squid -> onward adn I want to transparently redirect web traffic to DG/Squid Not sure where the problem lies - hoping you guys can help me and at least tell me that its NOT my shorewall config heres the configs When I point a browser straight at 3128 or 3129 I get web pages back and the appropriate stuff in the logs . I get a

I am trying to help a school run dansguardian transparent. I added the following to shorewalls rules, and from a tail of messages it seemed to be working, but he called saying no one had Internet. What should the rule be if this does not redirect port 80 to 8080? REDIRECT loc 8080 tcp www - !10.192.0.2 (web on dmz) ACCEPT fw net tcp www

Hi, I had installed squid with ntlm authentication and content filtering from this tutorial: http://www.howtoforge.com/dansguardian-with-multi-group-filtering-and-squid-with-ntlm-auth-on-debian-etch. Next to last point is firewall configuration by ipmasq but I have installed shorewall. This is content of I89tproxy.rul file: #!/bin/sh # # redirect http requests to non-local hosts to the

Hi all, I''m trying to set up a transparent proxy with dansguardian, and running into some strange issues with the squid setup without dansguardian. I have used shorewall for quite some time, and I''m stumped as to why I can''t get this to work. Here is a brief synopsis of my network. loc --> gateway/firewall--> net I have the following policies: #firewall to

Hello,=09 =09I have a setup where the lan zone, eth0, will be forwarded through a=20 transpanent proxy (dansguardian and squid with squidguard) for web access= =2E =20 Now I want a few computers that are part of the lan zone to be free from = the=20 time, content restrictions. I tryed making a sub zone called webgp, and=20 adding a rule that alows webgp to wan on 80. I then added these few=20

On Fri, 20 Feb 2015 08:46:13 -0500, Andres wrote: > A "sip set debug on" will give you more info on why you are getting the > 404. It probably has to do something with your context/dialplan. on tleilax: tleilax*CLI> tleilax*CLI> sip set debug on SIP Debugging enabled tleilax*CLI> on doge: thufir at doge:~$ thufir at doge:~$ sudo sipsak -vv -s sip:devries at

For errors with: download.file() install.package() update.package() any other command that R uses to access the internet Setting up a proxy in R 2.2.1 for windows. I work at a Central Bank so our firewall and proxy are very particular. To allow R to access the net I did the following: 1. In order for other programs, specifically STATA, to access the internet we use a program called Privoxy.

I have router/server that I would like to ssh to from the net. In order to discourage brute force attacks I would like to redirect all connections on a non-standard port to port 22 on the router/server. If notice that setting up a rule REDIRECT net 22 tcp 4104 causes the firewall to open both ports 4104 and 22 to connections from the net. Is it possible to only redirect 4104 to the

The rule: ACCEPT loc $FW::3128 tcp www doesn''t work propertly, the http access does not redirect to squid but directly exit. what''s wrong? Thanks ------- Dario Lesca (d.lesca@ivrea.osra.it) -------------------------------------- @@@@@@@ this is my shorewall-1.2.13 config: #[/etc/shorewall/common.def]-----------------------------------------------

Hi, I''m trying to enable ssh (when that works, want to add:pop3s,smtp,web) from the internet to the firewall but it does not work. I managed to DNAT ftp to a host in the loc network (192.168.0.50) successful but I don''t know why SSH: Does not work for me: ACCEPT net fw tcp 22 Works from the loc network: ACCEPT loc fw tcp 22 I have tried also with (no success): AllowSSH

Hi, Summary of problem: Local mail on the firewall stopped working after installing shorewall Background yesterday I installed shorewall, based on the debian package from www.backports.org (which seems to be a 2.0.3 package) on an otherwise virgin debian woody set up. Configuration was done based on the two-interface setup. Kernel is 2.6.8.1 unpatched. A 2.4.23 kernel, with

Hi Folks, I''m a new user to Shorewall, it came installed on the redWall firewall that I am using and I''m really happy with both projects! Thanks for all your work on it! I have a question about tcrules and $FW. I''m doing source policy routing and need to be able to add an output rule to the mangle chain with a source that is specific network, not 0.0.0.0/0. It

Hi all, I''ve just built Mandrake 10.1 on a Compaq Deskpro that I''ve built as a router/firewall and am redirecting port 80 outbound to force users through the Content Filter. I''ve run this setup on Mandrake 9.0 and 10.0 without any problems but this time the following happens. Squid is accessed through port 3128 and Dansguardian via 8080. If I set my browser on a

Hi, I have a 3 interface FW like this: http://shorewall.greshko.com/GSLUG_files/slide0008_image004.png where I use PROXYARP to give the servers in DMZ an IP from our public IP range. A bit like this: http://shorewall.greshko.com/GSLUG_files/slide0042_image026.png proxyarp: xxx.23.52.145 eth1 eth0 - yes xxx.23.52.146 eth1 eth0 - yes xxx.23.52.147 eth1 eth0 - yes xxx.23.52.148 eth1 eth0 - yes

I''m a bit confused about the zones vs. rules regulatives. Scenario: I''m setting up an firewall for a friend with loc, net and dmz zones (and ofcourse the firewall itself fw). I need to be able to remotely administrate it, either through ssh or webinterface, because of the physical distance. lets asume my public IP at home is 80.80.80.80 Would it (if we focus on ssh connection

Is there such a rule are fw to fw ? For instance, how do I specify localhost to localhost, or a eth1 to eth1 interface?