Re: Slight note in port redirection

From: Dancer <>
Date: Sun, 25 Jan 1998 23:30:48 +1000

Indeed. This works for pretty much all solutions. In order:

Allow localhost to port 80 anywhere.
Allow machine's IP's to port 80 anywhere.
Allow local users to _this_ machine, port 80
(and the heck with it, all of the rest of your lan, while you're at it)
Allow local users to other local users on port 80.
Allow the world to come to port 80 on your machine, and heck, your whole lan, if
you want.
THEN: allow (but redirect) your local users to anywhere on port 80. The previous
rules will permit everything else that should work.


miguel a.l. paraz wrote:

> This I noticed when using Linux/ipfwadm to do transparent proxying. If
> you have a web server running on port 80 on the same machine, you need an
> explicit rule in the Input rule set to allow traffic coming in. This
> should come before the redirection rule, so that requests made to your web
> server will not be redirected. The redirection throws Squid into a loop
> and eventually hangs.
> Hope this helps,
> --
> miguel a.l. paraz iphil communications, makati city, ph +63-2-750-2288

Did you read the documentation AND the FAQ?
If not, I'll probably still answer your question, but my patience will
be limited, and you take the risk of sarcasm and ridicule.
Received on Sun Jan 25 1998 - 05:36:54 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:30 MST