Hi,
On Thu, 21 Mar 2002, Zbigniew wrote:
> I'm using iptables/gShield on my firewall that is in front of two
> private subnets, 192.168.0 and 192.168.1.
> If I force all http traffic, using gshield/iptables, to the proxy server
> which is currently on the firewall I can no longer access a webserver on
> that .1 subnet from the .0 subnet.
>
> In squid.conf I have:
>
> acl local-servers dstdomain mydomain.com
> acl sub1-servers src 192.168.1.0/255.255.255.0
> acl sub0-servers src 192.168.0.0/255.255.255.0
> always_direct allow local-servers
> always_direct allow sub0-servers
> always_direct allow sub1-servers
>
> But that doesn't seem to do anything.
You probably want "dst" instead of "src" in some of those. For web servers
you are trying to get "to", use "dst".
Colin
Received on Thu Mar 21 2002 - 18:36:37 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:01 MST