routing / firewall question
Brian Kelsay
Brian.Kelsay at kcc.usda.gov
Mon Sep 27 08:47:23 CDT 2004
Just curious, why do you run DHCP by itself on one box on a 4 node network. That could easily be moved to the firewall or combined on one of the other boxes. It usually is combined with DNS. I know that is not the point of your question, but I don't understand the need for a separate box.
Never heard of privoxity so I'll have to check it out. I assume it is an add-on to squid. I also don't understand the need for a proxy of this sort for one person. Are you just playing around or do you need to test this setup for something. Sorry, I just don't see the point.
Brian Kelsay
>>> hanasaki <> 09/24/04 09:54PM >>>
the network is
Internet <=> firewall Linux with two NICs
firewall <=> internal network
The internal network has hosts with the following:
hostA - one NIC
SMTP
hostB - one NIC
http/https
hostC - one NIC
DHCP server
hostD - one NIC
squid http proxy : port 8080
privoxity http proxy filter : port 8081
privoxity forwards to squid
squid sends to the outside world
should the order be swapped? why? why not?
The DHCP server tells clients to route via hostD
How can hostD be setup so that it is a transparent proxy? Currently all
clients set their http proxy to hostD on the privocity port. I know
some IPtables rules will be needed on hostD, but don't know what to set.
Will routing rules need to be set on hostD? What are they?
More information about the Kclug
mailing list