I'm using iptables/gShield on my firewall that is in front of two
private subnets, 192.168.0 and 192.168.1.
If I force all HTTP traffic, using gShield/iptables, to the proxy server,
which is currently on the firewall, I can no longer access a webserver on
the .1 subnet from the .0 subnet.
In squid.conf I have:

    acl local-servers dstdomain mydomain.com
    acl sub1-servers src 192.168.1.0/255.255.255.0
    acl sub0-servers src 192.168.0.0/255.255.255.0
    always_direct allow local-servers
    always_direct allow sub0-servers
    always_direct allow sub1-servers

But that doesn't seem to do anything.
I could probably muddle through setting iptables to forward all traffic
to the proxy except stuff for the 192.168.1 network, but I was wondering
if there was a better way to do it.
-Patrick
Received on Thu Mar 21 2002 - 16:23:47 MST