FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 12-11-2007, 03:19 PM
"Joe Tseng"
 
Default More firewall fun

I was recently informed my network setup was
incorrect and I needed to use a dual-homed proxy server.* So now
I'm*reworking my*setup where the outside network, firewall, proxy, and
intranet are aligned serially.* I've got IP*forwarding*enabled on
my firewall and disabled on the proxy.* When I try to ping or access a web
server from behind the proxy I noticed on*the proxy*the iptables
PREROUTING counter would tick upwards.* Is it the right thing to disable IP
forwarding on the proxy?* If so, how can I get the packets through without
mangling the destination IP?* Is there something else I'm completely
missing?
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 12-11-2007, 09:55 PM
John Summerfield
 
Default More firewall fun

Joe Tseng wrote:

I was recently informed my network setup was incorrect and I needed to use a dual-homed proxy server. So now I'm reworking my setup where the outside network, firewall, proxy, and intranet are aligned serially. I've got IP forwarding enabled on my firewall and disabled on the proxy. When I try to ping or access a web server from behind the proxy I noticed on the proxy the iptables PREROUTING counter would tick upwards. Is it the right thing to disable IP forwarding on the proxy? If so, how can I get the packets through without mangling the destination IP? Is there something else I'm completely missing?



I don't have the foggiest idea of your network setup, why (or even that)
it was wrong, or what you are trying to achieve.


Can we have some detail on what you actually need to do? And why?

Define some terms; proxy can mean different things in different contexts.

Posting in plain text would be beneficial too.



--

Cheers
John

-- spambait
1aaaaaaa@coco.merseine.nu Z1aaaaaaa@coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 

Thread Tools




All times are GMT. The time now is 12:02 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org