Firewall Problem

General discussion about PLUC and Linux in Pakistan.
zAm
Havaldaar
Posts: 148
Joined: Wed Oct 19, 2005 9:28 am
Location: Pakistan, Karachi
Contact:

Firewall Problem

Postby zAm » Wed Nov 30, 2005 12:09 pm

Hello Guys ,
I am having a problem with our internet cable network. we'r using Linux Redhat Fedora Core 3 as a gateway with Squid Proxy Server & IPtables firewall & other 2 servers , one is ISA Server for Browsing & the another one is for socks . the problem is that linux is forwarding all the SSL sites to our socks server that we don't want. we setup socks server to listen only for Instant Messengers .. can somebody tell me how could i resolve this issue.
Regards,
zAm (Lyarianz Internet Cable Network - Network Administrator)
Proud To Be Lyarianz !

LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re:

Postby LinuxFreaK » Thu Dec 01, 2005 1:38 pm

Dear zAm,
Salam,

FYI, http://www.linuxpakistan.net/forum2x/vi ... php?t=3772

Best Regards.
Farrukh Ahmed

zAm
Havaldaar
Posts: 148
Joined: Wed Oct 19, 2005 9:28 am
Location: Pakistan, Karachi
Contact:

Re: What Should I Need To Do ?

Postby zAm » Fri Dec 02, 2005 10:31 am

Proud To Be Lyarianz !

LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re:

Postby LinuxFreaK » Fri Dec 02, 2005 12:27 pm

Farrukh Ahmed

zAm
Havaldaar
Posts: 148
Joined: Wed Oct 19, 2005 9:28 am
Location: Pakistan, Karachi
Contact:

Postby zAm » Fri Dec 02, 2005 12:44 pm

Proud To Be Lyarianz !

LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re:

Postby LinuxFreaK » Fri Dec 02, 2005 3:31 pm

Farrukh Ahmed

zAm
Havaldaar
Posts: 148
Joined: Wed Oct 19, 2005 9:28 am
Location: Pakistan, Karachi
Contact:

the Problem still exists

Postby zAm » Mon Dec 05, 2005 7:23 am

Proud To Be Lyarianz !

LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re: the Problem still exists

Postby LinuxFreaK » Mon Dec 05, 2005 9:04 am

Dear zAm,
Salam,

Not a proper way but might help you.

# iptables -t nat -A PREROUTING -s LANIP -p tcp --dport 443 -j REDIRECT --to-port SUQIDPORT

Best Regards.
Farrukh Ahmed

zAm
Havaldaar
Posts: 148
Joined: Wed Oct 19, 2005 9:28 am
Location: Pakistan, Karachi
Contact:

please look as my squid & iptables configuration files

Postby zAm » Mon Dec 05, 2005 6:05 pm

Hello,
LinuxFreak......... now you must looking for me to kill me after knowing that my problem still exists :p hehe ... i am really pissed off now for this sticky problem ......
here's my squid & iptables configurations files ....
please check out these & suggest me what to do , which really works ......
thanks
Regards,
zAm (Lyarianz Internet Cable Network)
Last edited by zAm on Fri Dec 09, 2005 8:26 am, edited 1 time in total.
Proud To Be Lyarianz !

LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re:

Postby LinuxFreaK » Wed Dec 07, 2005 1:11 am

Farrukh Ahmed

zAm
Havaldaar
Posts: 148
Joined: Wed Oct 19, 2005 9:28 am
Location: Pakistan, Karachi
Contact:

the problem still exists

Postby zAm » Wed Dec 07, 2005 4:43 am

Hello,
LinuxFreak, well whatever you told me to change in squid.conf , doesn't make a sense because i could access httpS webpages while using Proxy in IE , as i could see ..... it's all about Transparent Proxying which is done with port 80 --to-port 8080 (squid box port) ... it's working fine but it's not working with another port like 443 which u told me before to ....
anyway's i edit the following line
"http_access allow CONNECT !SSL_ports"
TO
"http_access allow CONNECT SSL_ports"
but still the problem exists .... have u tried transparent proxying with port 443 ?? does it works to you ? anyway's thanks alot for helping me out .. i must find a good Linux Administrator for our network ........ hope i got one sooon ..... thanks once again for your kind replies ........ take care buddy ......... Allah Hafiz
Regards,
zAm (Lyarianz Internet Cable Network)
Proud To Be Lyarianz !


Return to “General”

Who is online

Users browsing this forum: No registered users and 1 guest