Thanks before to all ppl that help me out, my problem (slowlyness has
gone). Now i'm move on my IBM XSERIES, everything works smooth.
But i have another problem (may be because i'm newbie on this). My
other NAT already configured allow to browsing a few site only, but when i put
transparent proxy rules (ipchains based) they can browsing to anywhere |
*The ipchains rules that already defined seems didn't work anymore*
my fw rules are
touch /var/lock/subsys/local
insmod ipchains
echo 1 > /proc/sys/net/ipv4/ip_forward
ipchains -P forward DENY
ipchains -A forward -s 192.168.2.0/24 -j MASQ
ipchains -A input -p TCP -d 127.0.0.1/24 www -j ACCEPT
ipchains -A input -p TCP -d 192.168.2.0/24 www -j ACCEPT
ipchains -A input -p TCP -d any/0 www -j REDIRECT 3128
#settings for Accounting PC
ipchains -A input -s 192.168.2.21 -d ip1 80 -p tcp -j ACCEPT
ipchains -A input -s 192.168.2.21 -d ip2 80 -p tcp -j ACCEPT
ipchains -A input -s 192.168.2.21 -d ip3 80 -p tcp -j ACCEPT
ipchains -A input -s 192.168.2.21 -d ip4 80 -p tcp -j ACCEPT
ipchains -A input -s 192.168.2.21 -d 0.0.0.0/0 80 -p tcp -j REJECT
regards,
Andry Yudianto
Received on Sun May 30 2004 - 23:20:01 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:02 MDT