University Crest

[wlug] iptables question

 
wlug archive index About the wlug list Mailing lists home
To The University of Waikato HomepageWaikato Home > Waikato Mailing Lists > wlug Info > wlug archives
DrWho? x_files_@i...
Mon Apr 26 23:52:08 NZST 2004


At 22:33 26/04/2004, you wrote:

>* DrWho? <x_files_@i...> [2004-04-26 12:19]:
> > At 17:27 26/04/2004, you wrote:
>
>Who is "you"? Can you configure your mailer for proper
>attribution, please?

Not sure what you mean?


> > >Forward outgoing connections to port 80 through Squid (known
> > >as Transparent Proxying) and then get Squid to block access to
> > >the sites that you require.
> >
> > Thanks, will that work for incoming connections as well? and
> > will it stealth the connection? idea is to silence the port
> > scanning kiddies.
>
>Well, you can put the proxy in place of the webserver, and proxy
>to a backend webserver that never communicates with anyone except
>via the proxy -- which is called reverse proxying --, and then
>you could filter incoming connections this way.
>
>But no, obviously neither of these will "stealth" the ports.

I was thinking of something like that, but the non-stealthing is a down side.

The idea is to save the DSL cap from being blown by un-needed offshore 
connections.

It looks like some serious coding is in order for an iptables extension.

The shame of it all is I can do just what I wont in windows using the Kerio 
firewall, but cannot find anything for Linux that will do it.


>--
>Regards,
>Aristotle
>
>"If you can't laugh at yourself, you don't take life seriously enough."
>_______________________________________________
>wlug mailing list | wlug@l...
>Unsubscribe: http://list.waikato.ac.nz/mailman/listinfo/wlug


More information about the wlug mailing list
NOTICE: This is an archive of a public mailing list. The University of Waikato is not responsible for its contents.

The University of Waikato - Te Whare Wananga o Waikato