Hi all <-> Ricky
As I have successfully configured Squid Transparent proxy. This happnd 3 month back.
Now I am facing some problems. My squid server Ip has been in Included in the black list stating some one is using my Ip for spaming. So my clients are not able to send mails and browse certain servers.
Now what i have to do, what security tunning has b done. I am putting the transparent proxy script which i have written in rc.nat.
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
echo 1 > /proc/sys/net/ipv4/ip_forward
and i have open ssh port 22 for remote access. Do i need to block that.
if s how can i enable to a particular IP say 61.9.89.2
I need help desperately
Transparent proxy security
-
- Site Admin
- Posts: 5132
- Joined: Fri May 02, 2003 10:24 am
- Location: Karachi
- Contact:
Re:
Dear ilias,
Salam,
This rule should work !!
# iptables -I INPUT -s 61.9.89.2 -p tcp --dport 22 -j ACCEPT
Best Regards.
Salam,
This rule should work !!
# iptables -I INPUT -s 61.9.89.2 -p tcp --dport 22 -j ACCEPT
Best Regards.
Farrukh Ahmed
-
- Battalion Quarter Master Havaldaar
- Posts: 228
- Joined: Fri Jan 28, 2005 6:23 pm
- Location: Karachi
salam
Dear ilias,
Looks like someone find open proxy or may be some guy in your network spam from it.
Just allow your network to use squid and block all other access to your squid server.
Regards,
M Asad Rasheed
Looks like someone find open proxy or may be some guy in your network spam from it.
Just allow your network to use squid and block all other access to your squid server.
Regards,
M Asad Rasheed
registered linux user #394856
http://www.bsdpakistan.org
http://www.bsdpakistan.org