[K12OSN] transparent proxying with LTSP

Mike Ely mely at rogueriver.k12.or.us
Thu Feb 23 17:18:44 UTC 2006

Brad Johnson wrote:
> On Feb 23, 2006, at 10:28 AM, Mike Ely wrote:
>>> Ok guys, after a little googling, here is what I came up with.   Now, 
>>> before I do this, please know that I am not currently running  ANY 
>>> type of firewall on this LTSP box.  If I create the following  entry, 
>>> do I need to then create additional entries to allow other  types of 
>>> traffic?  I don't want my LTSP box to stop working  because of the 
>>> following rules:
>>> iptables -t nat -A PREROUTING -i $INTERFACE -p tcp --dport 80 -j  
>>> DNAT --to dansguardian/squid box:8080
>>> Someone please tell me it's this easy!
>> Actually, it's easier.  I've been running ipcop for a while here,  and 
>> really you can just let 'er rip - don't bother with that  ruleset. 
>> Install the advproxy and urlfilter mods for ipcop ( http:// 
>> www.advproxy.net/ ), turn on "transparent mode" for the proxy, and  
>> you're golden.  If you set the ports the way you have indicated,  you 
>> will break pages that specifically run on port 8080...
>> Cheers,
>> Mike
> Ok, so here's what I've got......
> LTSP network connects to LSTP server--connects to remainder of LAN-- 
> connects to Internet.  Where do I put the IPCop Box....do I put it  
> directly between LTSP and the remainder of the LAN?

Ours sits between our LAN and the internet.  If the clients on your LAN 
are transparently proxied, then your LTSP clients will also.  This 
applies to your current configuration as well.


More information about the K12OSN mailing list