Re: [Nufw-users] nufw and squid in the same machine

nufw-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nufw-users] nufw and squid in the same machine

From:	Eric Leblond
Subject:	Re: [Nufw-users] nufw and squid in the same machine
Date:	Tue, 15 Nov 2005 13:40:32 +0100

> I found nufw while I was looking for a solution to one of my problems: 
> establish squid in a single machine working like transparent proxy and at 
> the same time to obtain user authentication in order by can define different 
> access politics for each system user.

> But I need config all in a single machine.

That was the point, I did not understand.

> The web traffic is redirected with iptables to squid:
> 
> iptables -t nat N proxy
> iptables -t nat -A OUTPUT -p tcp --dport 80 -j proxy
> iptables -t nat -A proxy -m owner --uid-owner squid -j RETURN
> iptables -t nat -A proxy -p tcp -j REDIRECT --to-ports 3128

Then you need to filter in OUTPUT with nufw :

iptables -A OUTPUT -p tcp --dport 80 -m owner ! --uid-owner squid -j QUEUE

That should do the stuff. There may be an issue with negative owner
match but you will easily see if this is the case.

BR,
-- 
Eric Leblond <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

[Nufw-users] nufw and squid in the same machine, maria perez, 2005/11/15
- Re: [Nufw-users] nufw and squid in the same machine, Eric Leblond <=
  - Re: [Nufw-users] nufw and squid in the same machine, maria perez, 2005/11/17

Prev by Date: [Nufw-users] nufw and squid in the same machine
Next by Date: Re: [Nufw-users] nufw and squid in the same machine
Previous by thread: [Nufw-users] nufw and squid in the same machine
Next by thread: Re: [Nufw-users] nufw and squid in the same machine
Index(es):
- Date
- Thread