On Sunday 28 October 2007 01:31:38 Joe Morris (NTM) wrote: > On 10/28/2007 05:56 AM, primm wrote: > >> So we have a 192.168.1.x net on the lan side and a 192.168.0.x net on > >> the adsl side of the linux router correct? > > > > Yes. It's as simple as that. I want some machines to have direct access > > all the time and some machines to be controlled by the proxy. IOW I can > > turn the Internet on or off for the proxied boxes. but still work on the > > non proxied boxes. > > Put the ones you want to have direct access in the FW_MASQ_NETS, i.e. > 192.168.1.2/32 192.168.1.3/32, and the ones you want to redirect through > squid in FW_REDIRECT, i.e. 192.168.1.4/32,0/0,tcp,80,3128, same for the > other. HTH >
Hi Joe Thanks for the confirmation. I thought it was me going mad. That's exactly what I had in 10.2 (except I had /24 not /32 as the mask) and what I've tried to do in 10.3. In 10.2 it works. In 10.3 it doesn't. I can't find anything explaining the differences between /etc/sysconfig/SuSEfirewall2 in 10.2 and 10.3. I know there are. But it's obviously a secret. L xxx -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]