[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[seul-edu] (FWD) IP chains / transparent proxy

----- Forwarded message from Andy Hall <ahall@mail.lexington.k12.mo.us> -----

Date: Tue, 13 Jun 2000 08:45:42 -0500
To: arma@MIT.EDU
From: Andy Hall <ahall@mail.lexington.k12.mo.us>
Subject: IP chains / transparent proxy

The previous post basically said how we do it as well.  The ipchains
command in our /etc/rc.d/rc.local file is:

/sbin/ipchains -A input -p tcp -s -d 0/0 80 -j REDIRECT 3128

This redirects everything from the internal network that goes out port 80
to port 3128....

We run our web server outside of our firewall for now, so I'm not sure I
know the answer to your question.  If it is just an intranet and everyone
is on the same subnet, then there is a setting to allow internal requests
to bypass squid.

If you're running your internet web server inside the firewall, e-mail and
let me know how you're doing it.  We've figured it out, but it seems like a
difficult process to me.


Andy Hall, Technology Director				
Lexington R-5 School District
100 South 13th Street						(660) 259-6571
Lexington, MO  64067						ahall@mail.lexington.k12.mo.us

----- End forwarded message -----