LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-28-2011, 11:04 PM   #16
aazkan
Member
 
Registered: Jan 2008
Posts: 72

Rep: Reputation: 5

Sorry, I have been busy in Real Life (TM)

Your ip_forward looks good.
For your iptables -L -nv -t nat output, the eth0 does not need to be redirected to tcp 3128. I'm assuming eth0 goes to the internet/public.
You only need to forward/redirect your eth1 (LAN) to tcp 3128 squid.

As for blocking bittorrent, I set my iptables a bit different and probably not suitable for your setup. Basically I do not masqurade all clients out, only selected client IPs to selected ports only.
Also in my iptables FORWARD i explicitly deny all high ports not destined for the LAN, something like this:

iptables -A FORWARD -p tcp -s my.lan.network/24 --sport 1024:65535 -d ! my.lan.network/24 --dport 1024:65535 -j REJECT
iptables -A FORWARD -p udp -s my.lan.network/24--sport 1024:65535 -d ! my.lan.network/24 --dport 1024:65535 -j REJECT

I've heard about L7 iptables but to be honest have not used one.
Perhaps this link could shed some light.

http://serverfault.com/questions/270...-p2p-protocols



I'm not sure is squid can block bittorrent, perhaps or possibly it is possible but i'd imagine your acl needs to some configuration to block them
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
mplayer plugins don't work with seamonkey browser bhert Linux - Software 6 09-28-2006 07:10 PM
Evolution URL's don't call browser anymore WildDrake! Linux - Software 0 03-27-2005 08:07 PM
Fedora 2 and 3 and redhat8 don't install browser by default learnfast Linux - Newbie 1 03-12-2005 12:53 AM
hyperlinks don't open browser Steel Shepherd Linux - Software 6 02-17-2004 12:11 PM
Email links don't start browser blcvegas Linux - Newbie 1 02-02-2004 04:14 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:00 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration