Re: [Shorewall-users] mangle TPROXY

2020-10-04 Thread Tuomo Soini
On Mon, 5 Oct 2020 01:42:59 +0200 Vieri Di Paola wrote: > > I seriously doubt that the TLS handshake works when you try using > > HTTPS. The proxy is a 'man in the middle' in that case. You can't do transparent proxy for https. -- Tuomo Soini Foobar Linux services +358 40 5240030 Foobar Oy

Re: [Shorewall-users] Shorewall reload doesn't reload?

2020-10-04 Thread Simon Matter
> On 10/4/20 10:18 AM, Matt Darfeuille wrote: >> On 10/4/2020 6:58 PM, Simon Matter wrote: >>> Hi, >>> >>> I've just updated Shorewall from 5.2.7 to 5.2.8 and did a reload just >>> to >>> see that the rules haven't been updated: >>> >>> [root@abc ~]# shorewall reload >>> Reloading Shorewall >>>

Re: [Shorewall-users] mangle TPROXY

2020-10-04 Thread Vieri Di Paola
On Sun, Oct 4, 2020 at 7:58 PM Tom Eastep wrote: > > On 10/2/20 4:19 AM, Vieri Di Paola wrote: > > Hi, > > > > I have some clients in a LAN that require access to WAN through a > > transparent Squid web proxy on FW. > > > > I have this in mangle: > > > > # METHOD 1: > > DIVERT $IF_WAN

Re: [Shorewall-users] mangle TPROXY

2020-10-04 Thread Tom Eastep
On 10/2/20 4:19 AM, Vieri Di Paola wrote: > Hi, > > I have some clients in a LAN that require access to WAN through a > transparent Squid web proxy on FW. > > I have this in mangle: > > # METHOD 1: > DIVERT $IF_WAN $PROXY_SOURCE_WAN > tcp - 80 > TPROXY

Re: [Shorewall-users] Shorewall reload doesn't reload?

2020-10-04 Thread Tom Eastep
On 10/4/20 10:18 AM, Matt Darfeuille wrote: > On 10/4/2020 6:58 PM, Simon Matter wrote: >> Hi, >> >> I've just updated Shorewall from 5.2.7 to 5.2.8 and did a reload just to >> see that the rules haven't been updated: >> >> [root@abc ~]# shorewall reload >> Reloading Shorewall >> Initializing..

Re: [Shorewall-users] Shorewall reload doesn't reload?

2020-10-04 Thread Matt Darfeuille
On 10/4/2020 6:58 PM, Simon Matter wrote: > Hi, > > I've just updated Shorewall from 5.2.7 to 5.2.8 and did a reload just to > see that the rules haven't been updated: > > [root@abc ~]# shorewall reload > Reloading Shorewall > Initializing... > Processing /etc/shorewall/init ... >Setting

[Shorewall-users] Shorewall reload doesn't reload?

2020-10-04 Thread Simon Matter
Hi, I've just updated Shorewall from 5.2.7 to 5.2.8 and did a reload just to see that the rules haven't been updated: [root@abc ~]# shorewall reload Reloading Shorewall Initializing... Processing /etc/shorewall/init ... Setting net.netfilter.nf_conntrack_max = 1048576 Processing /etc/shore