Re: [Ltsp-discuss] LTSP Server and client IP Addresses

Thu, 12 Jul 2007 02:49:29 -0700 

The LTSP traffic (X and NFS) take place on your eth0:1, but the applications 
are running on the server whose primary interface is eth0. There isn't 
anything unexpected happening here.

I think I know what you want to do: force users to use the proxy in order to 
get to the web. The simplest way (there may be others) would be to either run 
a transparent proxy on your perimeter firewall (eg. IPCop), or to run the 
proxy on a stand-alone machine (separate from your LTSP server) and only 
allow web traffic from that (proxy) machine to pass  through the firewall.

On Thursday 12 July 2007 05:29, Don Robertson wrote:
> Greetings,
>
> I know the LTSP Clients run using the server ip address. I have assigned
> two ip addresses to the server. One IP address is a Squid proxy server,
> the other should be the LTSP server.
>
> I want to set the firewall to reject anything that does not come from
> the proxy, but the clients seem to connect to the proxy with using
> whatever ip the proxy is set to.
>
> I have set LTSP_ETH_INTERFACE=eth0:1 (which is 192.168.1.6) in
> ltsp.config, and set the proxy to listen to 192.168.1.3.
>
> But for the clients to access web sites I still need a
>
> acl webopac_terms     src 192.168.1.3/255.255.255.255
>
> And
>
> http_access allow webopac_terms webopac_dests
>
> to allow the ltsp clients to visit the allowed sites on the internet.
> Using a rule
>
> acl webopac_terms     src 192.168.1.3/255.255.255.255
>
> does not work.
>
> I find this some what weird - a hidden feature, perhaps? Anyway - is
> there any way to force the client to use the LTPS IP address?
>
>
> don

-- 
        "History doesn't repeat itself; at best it rhymes."
                        - Mark Twain

| John Lucas                          [EMAIL PROTECTED]               |
| St. Thomas, VI 00802                http://mrjohnlucas.googlepages.com/ |
| 18.3°N, 65°W                        AST (UTC-4)                         |

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_____________________________________________________________________
Ltsp-discuss mailing list.   To un-subscribe, or change prefs, goto:
      https://lists.sourceforge.net/lists/listinfo/ltsp-discuss
For additional LTSP help,   try #ltsp channel on irc.freenode.net

Reply via email to