On Fri, 27 Sep 2002 08:46:44 -0500 "Bill Day" <[EMAIL PROTECTED]> wrote:
> using apache a proxy to "masquerade" you internal boxes..? I know > ipchains are a thing of the past. but there is a very good reliable > firewall/masquerade program call PMFirewall. I have used it for a long > time with out any major problems. Ihave used it on dialup and with > broadband. They(PMFirewall code gurus) are currently working on a IPTable > program as well.. they have a beta but it is not ready to "get around". Apache does this quite well. I am not unhappy with what it is doing. It is just that as Apache is no longer serving local content, maybe something that is primarily a server would be a better proxy. External proxy connections are attempted on port 80, just like regular http requests. I don't want to block port 80, as we do have a valid server there. It is the content of the commands on port 80, not who they are from, that triggers the blocking. At least I think it is this way. In fact, we have our internal proxy on a non-standard port. -- +============================+===============================+ | Roger Oberholtzer | E-mail: [EMAIL PROTECTED] | | OPQ Systems AB | WWW: http://www.opq.se/ | | Erik Dahlbergsgatan 41-43 | Phone: Int + 46 8 314223 | | 115 32 Stockholm | Mobile: Int + 46 733 621657 | | Sweden | Fax: Int + 46 8 302602 | +============================+===============================+ _______________________________________________ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users