[ILUG] Squid and Firewall
Paul Kelly
longword at esatclear.ie
Thu Nov 29 14:47:29 GMT 2001
Declan Grady wrote:
> Now, security is my next target... I am looking at ipchains firewalling
> rules, but I'm a bit confused about what local ip's to use.
>
> Since my browsers will all be pointed to squid, do i need masquerading ?
No need to use masquerading at all if you only intend your clients to
have internet access exclusively through Squid, and your firewall should
not be doing any packet routing at all ( echo "0"
>/proc/sys/net/ipv4/ip_forward )
You should look into using iptables with a 2.4 kernel rather than
ipchains - iptables looks a little harder but works out way easier.
Paul.
More information about the ILUG
mailing list