LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-18-2009, 02:23 PM   #1
DurocShark
LQ Newbie
 
Registered: Nov 2009
Distribution: Ubuntu, RedHat
Posts: 5

Rep: Reputation: 0
n00b Question: use router to direct port 80 and 443 traffic to separate proxy server?


This is probably stupid simple, but I haven't seen anything that jumps out at me. I'm happy for educational links too.

--

Coffee shop has two routed networks. One for staff and internal computers, one for public access. They're routed through an old Red Hat 4.1.2 box. The networks are working fine, but we want to use a different web filter that requires it be used as a proxy.

I would prefer not to push out PAC files to visitors and then provide tech support to support that for customers. Can I use the existing routes to direct all the public access 80 and 443 (I may decide to add others later) to the proxy without having to configure their browsers?
 
Old 11-18-2009, 02:50 PM   #2
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,066
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Hi, welcome to LQ!

You most certainly can (not that I know which proxy you're intending to use).
Search google for "squid transparent proxy" - that should arm you with enough
ideas on how to use iptables to achieve what you're after.

And I hope that RedHat 4.1.2 means something like RedHat Enterprise Linux (RHEL 4.x);
otherwise I'd like to call you criminally insane ;D.



Cheers,
Tink
 
Old 11-18-2009, 02:57 PM   #3
DurocShark
LQ Newbie
 
Registered: Nov 2009
Distribution: Ubuntu, RedHat
Posts: 5

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by Tinkster View Post

And I hope that RedHat 4.1.2 means something like RedHat Enterprise Linux (RHEL 4.x);
otherwise I'd like to call you criminally insane ;D.



Cheers,
Tink
I hope so too... It doesn't say RHEL anywhere in /proc/version. But the Kernel is 2.6.18 so that at least is sometime this century...

I had ignored the Squid references because we have a commercial web filter, but it didn't occur to me to try to glean the info from there.

Thanks!
 
Old 11-18-2009, 03:00 PM   #4
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,066
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by DurocShark View Post
I hope so too... It doesn't say RHEL anywhere in /proc/version. But the Kernel is 2.6.18 so that at least is sometime this century...
Have a look at /etc/redhat-release.


Quote:
Originally Posted by DurocShark View Post
I had ignored the Squid references because we have a commercial web filter, but it didn't occur to me to try to glean the info from there.

Thanks!
No worries - hope it works ok for you! Out of curiosity:
which commercial product are you using?


Cheers,
Tink
 
Old 11-18-2009, 03:17 PM   #5
DurocShark
LQ Newbie
 
Registered: Nov 2009
Distribution: Ubuntu, RedHat
Posts: 5

Original Poster
Rep: Reputation: 0
Currently we're using Websense tied to a Juniper firewall. So it's all transparent. But Websense is $$$ so I'm testing a Sophos web appliance right now.
 
Old 11-18-2009, 03:19 PM   #6
DurocShark
LQ Newbie
 
Registered: Nov 2009
Distribution: Ubuntu, RedHat
Posts: 5

Original Poster
Rep: Reputation: 0
redhat-release returns RHEL 5.2. Hmm... I wonder why /proc/version shows Red Hat 4.1?
 
Old 11-18-2009, 04:05 PM   #7
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,066
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by DurocShark View Post
redhat-release returns RHEL 5.2. Hmm... I wonder why /proc/version shows Red Hat 4.1?
It doesn't :}

That's the compiler version ;}


Cheers,
Tink
 
Old 11-18-2009, 04:07 PM   #8
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,066
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by DurocShark View Post
Currently we're using Websense tied to a Juniper firewall. So it's all transparent. But Websense is $$$ so I'm testing a Sophos web appliance right now.
If you want to avoid $$$ you could have a look at the
combination Squid/DansGuardian. Does a reasonably good
job - requires some grunt on the machine if you want to
scan content for viruses, though.


Cheers,
Tink
 
Old 11-18-2009, 04:16 PM   #9
jefro
Moderator
 
Registered: Mar 2008
Posts: 15,383

Rep: Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198Reputation: 2198
Might look at things like untangle and other open sourced devices. Can run them as virtual machines within other systems.

Should be able to use wpad.dat too.
 
Old 11-19-2009, 07:29 AM   #10
DurocShark
LQ Newbie
 
Registered: Nov 2009
Distribution: Ubuntu, RedHat
Posts: 5

Original Poster
Rep: Reputation: 0
The malware and multi-policy and AD integration are needed, which is why were going commercial.

Websense still doesn't even support NTLMv2, let alone Kerb. NTLMv1 and Lan Manager are disabled on my AD servers.

The battle is between iPrism and Sophos. iPrism pre-sales support was utter crap. Sophos has been great. Plus I use Sophos a/v on the desktops and love it.

As for what the 4.1.2... I did say I was a n00b.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
cannot use ssh with port 443 as proxy bogwato Linux - Networking 2 07-15-2009 05:20 PM
routing traffic for multiple web servers through one port (443 preferably) miedward Linux - Software 3 05-04-2009 03:21 AM
How to block ALL traffic except port 443 carlozrox Linux - Security 2 03-11-2009 06:15 AM
Divertingnetwork traffic on port 80 to a proxy server running on the same host 8118. kondrara Linux - Networking 15 09-23-2008 08:09 AM
Configuring Automatic Redirects from port 80 to port 443 with bundled Apache server kaplan71 Fedora 1 12-28-2007 09:30 AM


All times are GMT -5. The time now is 09:09 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration