Re: [squid-users] Squid+transparent proxy - Firewall Issues

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 17 Jun 2002 10:02:01 +0200

With such a restrictive default policy there are many rules you will
need to add for allowing any traffic. This is a question on
firewalling, not transparent proxying. The rules for redirecting the
traffic to your transparent proxy are correct, but your firewalling
policy does not allow this server to send or receive any packets.

If your intention is not to also run a firewall then have the default
policies all set to ACCEPT. If your intention is to also have a
firewall ruleset then you need to make such a ruleset; setting
everything to DENY/REJECT is far too effective firewalling.

Regards
Henrik

On Monday 17 June 2002 06.53, Johnson Jeba Asir wrote:
> Hello All,
>
> Till now I didn't get any reply from the list. Kindly
> help me to solve this problem.
>
> Thanks in advance
> A. Johnson
>
> > Hello all,
> >
> > I have squid+transparent proxy setup in my RH6.2 pc. I have some problem
> > when I add the redirecting rule to my firewall. The following is the extract
> > from my firewall rc. If I uncomment the default policy rules then setup is
> > not working. Kindly help me to solve this problem.
> >
> > Thanks in advance,
> > A.Johnson
> >
> >
> >
> > # Flush all existing rules
> > #-------------------------
> > #ipchains -F
> >
> > # Set the default policy to deny
> > #-------------------------------
> > #ipchains -P input DENY
> > #ipchains -P output REJECT
> > #ipchains -P forward REJECT
> >
> > echo 1 > /proc/sys/net/ipv4/ip_forward
> > /sbin/ipchains -A input -j ACCEPT -i lo
> > /sbin/ipchains -A input -j ACCEPT -p tcp -d 192.168.0.200 80
> > /sbin/ipchains -A input -j REDIRECT 3128 -p tcp -s 192.168.0.0/24 -d 0.0.0.0/0 80
Received on Mon Jun 17 2002 - 02:23:22 MDT
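
The point made in the reply above, as an added example that is not part of the original thread: a small Python model of first-match chain evaluation over the three posted input rules, showing which packets fall through to the chain policy. The sample packets and the addresses 192.168.0.10, 203.0.113.5 and 192.0.2.53 are constructed, and the model ignores protocol and interface matching.

```python
from ipaddress import ip_address, ip_network

PROXY = "192.168.0.200"  # proxy address from the posted rules
ANY = "0.0.0.0/0"

# (source net, destination net, destination port or None, target)
# The three posted input rules; "-i lo" is approximated by the loopback network.
INPUT_RULES = [
    ("127.0.0.0/8", ANY, None, "ACCEPT"),
    (ANY, PROXY + "/32", 80, "ACCEPT"),
    ("192.168.0.0/24", ANY, 80, "REDIRECT 3128"),
]
OUTPUT_RULES = []  # the posted extract adds no output rules

# Constructed sample packets: (label, chain, source, destination, dest port)
PACKETS = [
    ("client request", "input", "192.168.0.10", "203.0.113.5", 80),
    ("squid fetch", "output", PROXY, "203.0.113.5", 80),
    ("squid dns query", "output", PROXY, "192.0.2.53", 53),
    ("server reply", "input", "203.0.113.5", PROXY, 34567),
]


def verdict(rules, policy, src, dst, dport):
    """First matching rule wins; with no match the chain policy applies."""
    for r_src, r_dst, r_port, target in rules:
        if (ip_address(src) in ip_network(r_src)
                and ip_address(dst) in ip_network(r_dst)
                and r_port in (None, dport)):
            return target
    return policy


def trace(input_policy, output_policy):
    """Return {label: verdict} for every sample packet under the given policies."""
    chains = {"input": (INPUT_RULES, input_policy),
              "output": (OUTPUT_RULES, output_policy)}
    return {label: verdict(*chains[chain], src, dst, dport)
            for label, chain, src, dst, dport in PACKETS}


if __name__ == "__main__":
    for name, policies in (("default ACCEPT", ("ACCEPT", "ACCEPT")),
                           ("default DENY/REJECT", ("DENY", "REJECT"))):
        print(name)
        for label, result in trace(*policies).items():
            print(f"  {label:16} -> {result}")
```

The redirect matches under either policy; only the proxy's own outbound traffic and the replies to it change verdict, which is the traffic a deny-by-default ruleset has to allow explicitly.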
