Fwd: proxy+port redirection behaviour

Metal Gear finattack at gmail.com
Thu Apr 28 11:12:15 CEST 2005


I (for some unknown reason) was thinking that the firewall that your clients 
> used was a Linux box which had a 2nd hardware firewall connecting it to the 
> net. As such I did not take in to account that the host that you would be 
> running this rule on might not already be set up to
forward traffic.

My clients gateway is set to squid proxy and the squid proxy 's gateway is 
set to the firewall. I want to run the rules on my squid box and there are 
no other rules on it. Except the ones that i send in my previous mail.

As such, do you have any other firewall rules set up or policies on chains 
> set to DROP traffic? Also you will need to make sure that 
> /proc/sys/net/ipv4/ip_forward is set to 1 thus configuring your server to 
> forward traffic. You will have to forward traffic as traffic is coming in to 
> your server and then being redirected / forwarded to another server. This 
> could possibly explain the ""filtering that nmap is reporting as I'm not 
> sure what type of error will be generated by trying to forward and then 
> being DROPed. I expect that the traffic will just look like there is 
> something in the way, not a reject or no route to host or any thing like 
> that.

Yes no extra DROP rules My squid box has only one interface so there is any 
neeed of enabling forwarding on it. ?? Anyways i enable forwarding but still 
it does not works.


More information about the netfilter mailing list