On Mon, 5 Oct 2020 01:42:59 +0200
Vieri Di Paola wrote:
> > I seriously doubt that the TLS handshake works when you try using
> > HTTPS. The proxy is a 'man in the middle' in that case.
You can't do transparent proxy for https.
--
Tuomo Soini
Foobar Linux services
+358 40 5240030
Foobar Oy
> On 10/4/20 10:18 AM, Matt Darfeuille wrote:
>> On 10/4/2020 6:58 PM, Simon Matter wrote:
>>> Hi,
>>>
>>> I've just updated Shorewall from 5.2.7 to 5.2.8 and did a reload just
>>> to
>>> see that the rules haven't been updated:
>>>
>>> [root@abc ~]# shorewall reload
>>> Reloading Shorewall
>>>
On Sun, Oct 4, 2020 at 7:58 PM Tom Eastep wrote:
>
> On 10/2/20 4:19 AM, Vieri Di Paola wrote:
> > Hi,
> >
> > I have some clients in a LAN that require access to WAN through a
> > transparent Squid web proxy on FW.
> >
> > I have this in mangle:
> >
> > # METHOD 1:
> > DIVERT $IF_WAN
On 10/2/20 4:19 AM, Vieri Di Paola wrote:
> Hi,
>
> I have some clients in a LAN that require access to WAN through a
> transparent Squid web proxy on FW.
>
> I have this in mangle:
>
> # METHOD 1:
> DIVERT $IF_WAN $PROXY_SOURCE_WAN
> tcp - 80
> TPROXY
On 10/4/20 10:18 AM, Matt Darfeuille wrote:
> On 10/4/2020 6:58 PM, Simon Matter wrote:
>> Hi,
>>
>> I've just updated Shorewall from 5.2.7 to 5.2.8 and did a reload just to
>> see that the rules haven't been updated:
>>
>> [root@abc ~]# shorewall reload
>> Reloading Shorewall
>> Initializing..
On 10/4/2020 6:58 PM, Simon Matter wrote:
> Hi,
>
> I've just updated Shorewall from 5.2.7 to 5.2.8 and did a reload just to
> see that the rules haven't been updated:
>
> [root@abc ~]# shorewall reload
> Reloading Shorewall
> Initializing...
> Processing /etc/shorewall/init ...
>Setting
Hi,
I've just updated Shorewall from 5.2.7 to 5.2.8 and did a reload just to
see that the rules haven't been updated:
[root@abc ~]# shorewall reload
Reloading Shorewall
Initializing...
Processing /etc/shorewall/init ...
Setting net.netfilter.nf_conntrack_max = 1048576
Processing /etc/shore