[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Hi Thanks for you quick responce, I will have a look tomorrow and check what modules are loaded. Thanks again Sam ----- Original Message ----- From: "Simon Waters" <simon@xxxxxxxxxxxxxx> To: <list@xxxxxxxxxxxxx> Sent: Tuesday, August 26, 2008 8:49 PM Subject: Re: [LUG] iptables NAT problem? > Sam Grabham wrote: >> >> At the end of the day i am trying to Proxy a hidden server to the web >> with out showing it's real network info. >> >> I tried Squid as a reverse proxy, but found i could only get port 80 to >> proxy. I wanted port 21 and 443 to also proxy but wouldn't work. >> The SSL (443) cert is based on Domain name only so IP doesn't affect it >> as long as the domain name resolves to the external IP. > > Not tried port 21. > > Port 443 won't cache in squid unless you terminate the SSL tunnel in > Squid. > > The Centos Squid is compiled with the SSL code enabled (unlike Debian's > - grr), so it ought mostly to be a case of copying the examples in the > documentation (and copying the Apache certificate and server key to the > squid box). > > You can terminate the SSL tunnel in squid, decrypt, cache and proxy, and > connect via SSL to the server. But that is quite complicated if you > insist on checking the whole certificate chain for the server (as you > should!). > > The iptables stuff looks plausible. Have you got all the kernel modules > you need loaded? Any errors logged when you start it up, or try and use > it? > > -- > The Mailing List for the Devon & Cornwall LUG > http://mailman.dclug.org.uk/listinfo/list > FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html > > No virus found in this incoming message. > Checked by AVG. > Version: 8.0.138 / Virus Database: 270.6.9/1635 - Release Date: 8/26/2008 > 7:29 AM > > > -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html