[K12OSN] Proxying versus the website

Burke Almquist balmquist at mindfirestudios.com
Mon Jul 31 00:04:19 UTC 2006

	I just upgraded our server from K12LTSP 3.1 to 5.0RC2 and moved it  
as well. I finally have almost everything working, except one thing.  
It seems that you cannot use the transparent-proxying/squidguard  
setup if you also want to run a website on the machine. I think it  
has something to do with how the iptables rules are setup. I'm sure  
I'll figure out a way to manually get around this, but it seems like  
this is something we should fix.
	The other thing is that the iptables setup in general is kind of  
messy because there are three scripts that alter the iptables  
rulesets: iptables, transparent-proxying, and nat (I don't think  
iptables-k12ltsp does because it uses the "trusted interface" moniker  
instead of inserting/removing rules). The bottom line is that   
changing iptables and restarting means you have to restart nat and  
transparent-proxy. It also means that rules for the proxying and nat  
could get doubled up if they get saved to iptables and then also run  
by their correct scripts. Those three rulesets should almost really  
be all in iptables. This is probably more a fedora problem in general  
but I thought it was worth mentioning.

More information about the K12OSN mailing list