Re: ICP proxy for Firewall from Peter Marelas on 1997-10-21 (squid-users)

From: Peter Marelas <maral@dont-contact.us>
Date: Tue, 21 Oct 1997 21:59:31 +1000 (EST)

Do a search for "netcat"..
It will listen on udp/tcp ports and forward to a single dest.

On Mon, 20 Oct 1997 tgraff@esoc.esa.de wrote:

>
>
>
>
> Hello,
>
> I am looking for an ICP proxy for our Firewall. We're using the Tis
> Gauntlet software here, which is the full version of the Tis Firewall
> toolkit. This may be not the right forum for Firewall issues, but I've seen
> form the recent messages to this list, a lot of people using their Squid
> cache servers along with Firewalls, especially the tis toolkit.
>
> I'm currently setting up a cache server which has to be located inside our
> organisation protected by the Firewall. But it has to be able to contact
> its parent cache servers outside via ICP (and receive ICP answers).
>
> I've first tried to place the cache server outside the Firewall on our
> external LAN segment, using the http-gw handoff option, which works fine,
> but has the sideeffect on not being able to process requests back to
> internal WWW servers. These internal WWW servers cannot easily excluded in
> a browser client using i.e. a "no proxy for" setting, as our internal
> protected network is spread over different sites and identifying internal
> and external isn't possible by looking simply at the domainname
> (unfortunately we don't have a common naming convention for int. and ext.
> yet).
>
> Do you know how to handle ICP through a Firewall without opening a specific
> port i.e. the default 3130 completely and leave it unchecked? Are there
> maybe an add-on products available? Well, I was also thinking of so called
> plug-gateways, but as far as I know they don't allow multiple hosts to talk
> to and our cache will not have only one parent, but i.e 4 or 5.
>
> Many thanks in advance,
> Thomas
>
> ---
> Thomas Graff
> European Space Operations Centre
> phone: (+49)-6151-90-2996
> FAX: (+49)-6151-90-3503
> Email: tgraff@esoc.esa.de
>
>

Regards
Peter Marelas

--
Phase One Interactive - Sun Solaris/Unix/Networking Consultant
P.O Box 549, Templestowe 3106 Melbourne, Australia
URL: http://www.phase-one.com.au/

Received on Tue Oct 21 1997 - 05:15:54 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:37:19 MST