httpd proxy

Roger Oberholtzer roger
Mon May 17 11:38:15 PDT 2004 

On Fri, 27 Sep 2002 08:46:44 -0500
"Bill Day" <bill at daysdomain.com> wrote:

> using apache a proxy to "masquerade" you internal boxes..?  I know
> ipchains are a thing of the past. but there is a very good reliable
> firewall/masquerade program call PMFirewall.  I have used it for a long
> time with out any major problems.  Ihave used it on dialup and with
> broadband. They(PMFirewall code gurus) are currently working on a IPTable
> program as well.. they have a beta but it is not ready to "get around".

Apache does this quite well. I am not unhappy with what it is doing. It is
just that as Apache is no longer serving local content, maybe something that
is primarily a server would be a better proxy.

External proxy connections are attempted on port 80, just like regular
http requests. I don't want to block port 80, as we do have a valid server
there. It is the content of the commands on port 80, not who they are from,
that triggers the blocking. At least I think it is this way. In fact, we
have our internal proxy on a non-standard port.


-- 
+============================+===============================+
| Roger Oberholtzer          |   E-mail:        roger at opq.se |
| OPQ Systems AB             |      WWW:  http://www.opq.se/ |
| Erik Dahlbergsgatan 41-43  |    Phone: Int + 46 8   314223 |
| 115 32 Stockholm           |   Mobile: Int + 46 733 621657 |
| Sweden                     |      Fax: Int + 46 8   302602 |
+============================+===============================+

More information about the Linux-users mailing list