lör 2007-01-06 klockan 04:44 -0800 skrev zulkarnain:
> How to configure proxy to route return traffic via
> firewall? I try rules "iptables -t nat -A PREROUTING
> -i eth0 -s ! 192.168.1.2 -p tcp --dport 80 -j DNAT
> --to 192.168.1.2:3128" but won't work correctly. any
> help would be great. Thanks.
It's done by routing, not NAT.
route del your.network/mask
route add ip.of.router dev eth0
route add your.network/mask via ip.of.router
but I recommend you to move the proxy to a "dmz" network managed by the
firewall.
LAN -> firewall -> Internet
|
| DMZ network
|
+---> proxy
|
+---> protected web server (if you have one)
|
+---> other protected servers (if you have)
|
...
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Thu Feb 01 2007 - 12:00:01 MST