Re: [Shorewall-users] Second Proxy

On 5/26/10 12:52 AM, Watanabe Anderson wrote:

>
> Now, I need to create a second option, to use the Squid Proxy at
> Shorewall "B", (10.21.2.6/24), from 10.11.1.0/24, 10.21.2.0/24 and
> 10.31.3.0/24.
>
>
> At my "/etc/shorewall/rules", I have:
>
> REDIRECT loc-a 3128 tcp 80
> REDIRECT loc-b 3128 tcp 80
> REDIRECT loc-c 3128 tcp 80
> ACCEPT $FW net
>
>
> Now, I need that 10.11.1.51~10.11.1.100 can access the proxy server on
> 10.21.2.6 ip address?
>
>
> REDIRECT loc-a:10.11.1.51-10.11.1.100 10.21.2.6:3128 tcp 80 (is
> it correct ???)

No.

>
>
> Who can help me?
>

You need a DNAT rule rather than a REDIRECT rule. See
http://www.shorewall.net/Shorewall_Squid_Usage.html#DMZ.

-Tom
-- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________

------------------------------------------------------------------------------

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

• This message: [ Message body ]
• Next message: sangprabv: "[Shorewall-users] Connectivity Test"
• Previous message: Tom Eastep: "Re: [Shorewall-users] OpenvVZ, zones and connection between containers"
• In reply to: Watanabe Anderson: "[Shorewall-users] Second Proxy"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]