[ale] SuSEfirewall2 in 10.1 configuration

Dow_Hurst dhurst at mindspring.com
Mon Aug 7 11:52:02 EDT 2006


I'm wondering how to setup the variables correctly on a laptop.  It has a single interface pointing to a masqueraded home LAN.  I want to have the laptop's SuSEfirewall2 (running tinyproxy and dansguardian) set to redirect any packets to port 80 originating from a user's browser forced to port 8080.

Tinyproxy binds to all interfaces eg. ra0 and lo and is available on port 3128
Dansguardian set to port 3128 and port 8080

Web browsers are set to point to a proxy at 8080 on the laptop

Do I need:
FW_ROUTE="yes"
FW_REDIRECT="192.168.1.0/24,0/0,tcp,80,8080 192.168.1.0/24,0/0,tcp,443,8080"

Or, is the SuSEfirewall2 scripts just not appropriate for this and I need a simple iptables ruleset?  If so can the dhcp address assigned to ra0 be accessed to configure the rules for setting up the proxy redirection protection?  The goal to not allow a browser being reset to not use the proxies to get to the Internet.  Right now if you reset the browser's to not use the proxies you still can surf but without any protection from bad content.
Thanks!
Dow




No sig.



More information about the Ale mailing list