port 80 redirection


 



Hi,

I'm not sure if this is OT here, but can
someone comment on the following?  It is
certainly confusing if not convoluted. There's
always a simple solution, but I'm just
curious as to whether or not such a set
up would work.

I have a LAN behind a NAT'd firewall
with iptables 1.2.8.  Currently,
none of the users are proxied.  How
do I transparently proxy the users,
but with their workstations not
needing any proxy changes?

I had an idea, but don't know if
it's doable (or whether I should even
bother).

i.e.

LAN (port 80) ->
      IN                              OUT
->(80 eth1  ) Firewall          (eth1 8180)
->(8180 eth0) Proxy Machine     (eth0 8181)
->(8181 eth1) Firewall          (80  eth0) -> 'Net

So when a packet comes back, it goes :

'Net (port 80) ->
      IN                             Out
->(80 eth0 in)    Firewall          (eth1 8181)
->(8181 eth0 in)  LAN Proxy         (eth0 8180)
->(8180 eth1 in)  Firewall          (eth1 80) -> LAN

This way, I can transparently proxy the users
and I wouldn't need to fiddle around with their
workstation settings.

Any pointers appreciated.

Edmund








