[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Help with iptables



Almquist Burke wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Dec 9, 2008, at 9:44 AM, Brian Chivers wrote:

I'm having some problems with our iptables on our K12LTSP EL5 box. What I'd like to do is force all traffic through our proxy EXCEPT local 192.168 & DMZ 172.16 traffic.

I've copied the notes on the Wiki and that works except the local / DMZ traffic still goes via the proxy. I've added .portsmouth-college.ac.uk to the proxy bypass but this causes the machines to be stopped going to local addresses. I think it's the NAT section that is the problem.

Any ideas ??

Thanks
Brian


It would help is we knew what kind of setup you have on the network, and where your proxy is running in relation to all of this.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iEYEARECAAYFAkk/kNAACgkQxWV7OPa/g5FhKQCeJlsVePnDJvcOMvaYmgS9adAN
VawAn2SMI0ORuc2YLWFmXfyK6XWA8bft
=LDGo
-----END PGP SIGNATURE-----

_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>

I'll try and draw a ASCII diagram, try being the word :-)

Thinclients 10.0.0.x
        |
        |
     Server 10.0.0.1
            192.168.0.100
        |
        |
     MAIN NETWORK (All servers on 192.168.0.x/16 - Proxy 192.168.0.80:8080
        |
        |
     Firewall (Green Network - 192.168.0.2)
	      (Orange DMZ - 172.16.0.x)
	      (Red - 212.219.x.x)
        |
        |
      CISCO to Internet

What I don't want to is the thinclients to be able to access the internet WITHOUT the proxy but I'd like them to be able to access the DMZ machines without using the proxy.

Thanks
Brian

------------------------------------------------------------------------------------------------
   The views expressed here are my own and not necessarily

the views of Portsmouth College
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]