Fwd: proxy+port redirection behaviour

Metal Gear finattack at gmail.com
Thu Apr 28 11:12:15 CEST 2005


Hi,

> I (for some unknown reason) was thinking that the firewall that your clients 
> used was a Linux box which had a 2nd hardware firewall connecting it to the 
> net. As such I did not take into account that the host that you would be 
> running this rule on might not already be set up to forward traffic.


My clients' gateway is set to squid proxy and the squid proxy's gateway is 
set to the firewall. I want to run the rules on my squid box and there are 
no other rules on it, except the ones that I sent in my previous mail.

> As such, do you have any other firewall rules set up or policies on chains 
> set to DROP traffic? Also you will need to make sure that 
> /proc/sys/net/ipv4/ip_forward is set to 1 thus configuring your server to 
> forward traffic. You will have to forward traffic as traffic is coming in to 
> your server and then being redirected / forwarded to another server. This 
> could possibly explain the "filtering" that nmap is reporting as I'm not 
> sure what type of error will be generated by trying to forward and then 
> being DROPped. I expect that the traffic will just look like there is 
> something in the way, not a reject or no route to host or anything like 
> that.


Yes, no extra DROP rules. My squid box has only one interface so there is any 
need of enabling forwarding on it?? Anyway, I enabled forwarding but still 
it does not work.


Thanks
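
The two checks named in the quoted reply (the ip_forward flag and chain policies set to DROP), as an added example that is not part of the original thread. The function names, the file arguments and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example. Both checks read from files so the script also runs offline.
# $1 of each function is a path; the sample data below is constructed.

# Print "on" if the forwarding flag file contains 1, "off" otherwise.
forwarding_state() {
    if [ "$(cat "$1" 2>/dev/null)" = "1" ]; then echo on; else echo off; fi
}

# List built-in chains whose default policy is DROP, as "table/chain".
drop_policies() {
    awk '
        /^\*/ { table = substr($0, 2) }        # "*filter" starts a table
        /^:/  { chain = substr($1, 2)          # ":FORWARD DROP [0:0]"
                if ($2 == "DROP") print table "/" chain }
    ' "$1"
}

# Count explicit DROP/REJECT rules appended to the FORWARD chain.
forward_blocks() {
    awk '/^-A FORWARD .*-j (DROP|REJECT)/ { n++ } END { print n + 0 }' "$1"
}

# Constructed sample: forwarding off, one DNAT redirect, FORWARD policy DROP.
tmp=$(mktemp -d)
printf '0\n' > "$tmp/ip_forward"
cat > "$tmp/rules" <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.0.2.10:80
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF

echo "forwarding:      $(forwarding_state "$tmp/ip_forward")"
echo "DROP policies:   $(drop_policies "$tmp/rules")"
echo "FORWARD blocks:  $(forward_blocks "$tmp/rules")"
```

On a live host, pass `/proc/sys/net/ipv4/ip_forward` to `forwarding_state` and a file written by `iptables-save` to the other two functions.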

