[K12OSN] Proxying versus the website
Burke Almquist
balmquist at mindfirestudios.com
Mon Jul 31 00:04:19 UTC 2006
I just upgraded our server from K12LTSP 3.1 to 5.0RC2 and moved it
as well. I finally have almost everything working, except one thing.
It seems that you cannot use the transparent-proxying/squidguard
setup if you also want to run a website on the machine. I think it
has something to do with how the iptables rules are setup. I'm sure
I'll figure out a way to manually get around this, but it seems like
this is something we should fix.
The other thing is that the iptables setup in general is kind of
messy because there are three scripts that alter the iptables
rulesets: iptables, transparent-proxying, and nat (I don't think
iptables-k12ltsp does because it uses the "trusted interface" moniker
instead of inserting/removing rules). The bottom line is that
changing iptables and restarting means you have to restart nat and
transparent-proxy. It also means that rules for the proxying and nat
could get doubled up if they get saved to iptables and then also run
by their correct scripts. Those three rulesets should almost really
be all in iptables. This is probably more a fedora problem in general
but I thought it was worth mentioning.
More information about the K12OSN
mailing list