Re: Pinging through a non-transparent proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tim wrote:
On Thu, 2008-02-07 at 16:13 -0500, Joe Tseng wrote:
I have a test network set up where the internal network, proxy and
firewall are connected serially.  I don't have IP forwarding enabled
on the proxy and currently I'm only able to ping up to the proxy's
external interface.  Would anyone happen to know the iptables rules
needed to allow for me to ping past that point or is the answer to my
problem somewhere else?

More specific details would be needed about your setup.

Pinging is yet another type of traffic (ICMP, usually).  It isn't
something that's going to be proxied like Squid proxies HTTP, FTP, and
few others.  Start by looking at your firewall rules that deal with
ICMP, and your generic overall default rules.

The simple-minded way would be to set the box up to do generic forwarding with NAT, but deny everything in iptables except what you want to let through. (And if you want pings, you'll probably want traceroute next...).

--
  Les Mikesell
   lesmikesell@xxxxxxxxx



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux