I have set up a SuSE 10.1 Linux box between my network switch and my ADSL router, and I want it to act as a proxy. So far, I've got Squid working fine - no complaints there.
However, my network PCs cannot send/receive emails if they use the Linux box as a gateway. Logic tells me this is because the Linux box is actively refusing connections from/to those ports. I don't need a firewall on Linux at the moment, so I don't mind opening everything (even if it is just for now, so I can set everything up without worrying about access violations).
So, I've got the following idea. Please comment:
IN /etc/init.d/boot.local, ADD:
Code:
IN /fwscripts/fwinit.sh, TYPE:
Code:
iptables -P INPUT ACCEPT
iptables -A INPUT -j ACCEPT
iptables -P OUTPUT ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -P FORWARD ACCEPT
iptables -A FORWARD -j ACCEPT
Is this correct? And if it is, will it allow my network PCs to send/receive emails, etc?
My second question is this: in order to make a transparent proxy, is this the correct iptables line to use:
Code:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
And, is this correct for squid.conf:
Code:
Your input/comments/help/etc on these 2 questions would be much appreciated :) I know very little about iptables, and I am busy going through the man pages... yet they just give me an overall picture, and I need an actual example to actually get the hang of it.
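The setup asked about above, as an added example that is not part of the original post: a default-drop gateway rule set with stateful forwarding, NAT toward the router and the port-80 redirect to Squid, in place of ACCEPT on every chain. eth0 as the LAN side follows the poster's redirect rule; eth1 as the router side, the 192.168.1.0/24 subnet and the `apply` argument are assumptions.

```shell
#!/bin/sh
# Added example, not the poster's fwinit.sh. Interface names and the LAN
# subnet are assumptions; override them from the environment.
LAN_IF="${LAN_IF:-eth0}"               # side facing the switch (as in the post)
WAN_IF="${WAN_IF:-eth1}"               # assumed: side facing the ADSL router
LAN_NET="${LAN_NET:-192.168.1.0/24}"   # constructed sample subnet
SQUID_PORT="${SQUID_PORT:-3128}"

# Print the rule set, one iptables command per line, without touching the kernel.
gateway_rules() {
    cat <<EOF
iptables -F
iptables -t nat -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $LAN_IF -s $LAN_NET -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
iptables -t nat -A POSTROUTING -o $WAN_IF -s $LAN_NET -j MASQUERADE
iptables -t nat -A PREROUTING -i $LAN_IF -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT
EOF
}

# Load the rules (root only). Mail and other non-HTTP traffic is routed, not
# proxied, so the kernel must forward packets; sh -e stops at the first error.
apply_gateway_rules() {
    echo 1 > /proc/sys/net/ipv4/ip_forward || return 1
    gateway_rules | sh -e
}

# Default is a dry run that only prints the commands.
case "${1:-}" in
    apply) apply_gateway_rules ;;
    *)     gateway_rules ;;
esac
```

Only the LAN side can open new connections through or to the box; replies come back through the ESTABLISHED,RELATED rules, and nothing arriving on the router side is accepted unsolicited.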