Re: Transparent Proxy & IPtables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Tue, May 14, 2002 at 09:02:27PM -0300, Tiago Fioreze wrote:
> > >     tcpdump: listening on en0
> > >18:46:30.687660229 myhost.55611 > my_squid_server.8080: S 34894507
> > >80:3489450780(0) win 5840 <mss 1460,sackOK,timestamp 168050131
> > 2113929216,nop,ws
> > >cale 0> (DF)]
> > >18:46:30.688073773 my_squid_server.8080 > myhost.55611: S 32226271
> > >83:3222627183(0) ack 3489450781 win 17520 <mss 1460>]
>   Answering your question... No, Squid is running on AIX 5L... en0 --> Standard 
> Ethernet Network Interface on AIX.
> 

   |----------|  eth1|----------|eth0              |------------|
   | Internet |------| Firewall |--------|---------| My Network |
   |----------|      |----------|        |         |------------|
                                         |
                                         |
                                     |-------|
                                     | SQUID |
                                     |-------|


SQUID and My Network see each other

> > > 
> > >      On Firewall Box: (command: tcpdump host my_squid_server)
> > > 
> > > tcpdump: listening on eth0
> > > 18:39:51.962480 arp who-has my_squid_server tell my_firewall
> > <snip>
> > > 18:40:36.962475 arp who-has my_squid_server tell my_firewall
> > > 
> > > 
> > >       On My Host Box: (command: tcpdump host my_squid_server)
> > > 
> > >       tcpdump: listening on eth0
> > > 18:58:05.045512 arp who-has my_squid_server tell my_firewall
> > <snip>
> > > 18:58:31.040055 arp who-has my_squid_server tell myhost

my_firewall has poblem finding my_squid_server

before you try port forwarding from my_firewall to 
my_squid_server they should be able to ping each other.
Can they?


-- 
David Correa
Public Key http://www.linux-tech.com/linuxtech.asc
Key fingerprint 7F2C E072 479D 71B4 008B 373E A284 8CDE 7659 F5D8
------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux