I was recently informed my network setup was
incorrect and I needed to use a dual-homed proxy server. So now
I'm reworking my setup where the outside network, firewall, proxy, and
intranet are aligned serially. I've got IP forwarding enabled on
my firewall and disabled on the proxy. When I try to ping or access a web
server from behind the proxy I noticed on the proxy the iptables
PREROUTING counter would tick upwards. Is it the right thing to disable IP
forwarding on the proxy? If so, how can I get the packets through without
mangling the destination IP? Is there something else I'm completely
missing?
|