[ILUG] proxy server question
allmanj at houseofireland.com
Fri Sep 13 12:42:16 IST 2002
This question is pretty simple. Is there a good reason to keep a proxy
server from forwarding packets at the ip level? At the moment the proxy
server has been configured (not by me) not to. In fact, the person who
set it up went out of his way not to do this.
As well as a squid proxy, this machine is acting as a gateway between
the internal network and a mailserver and the internal network and two
remote machines which are administered via ssh. Atm it is using a little
program called portfwd to catch these requests and forward them on. And
herein lies the difficulty. I traced down some bizarreness there a few
days ago (see the thread "Openssh daemon strangeness") while trying to
backup part of one of the remote machines with rsync and ssh to this
portfwd daemon (i missed it at first because passing stop to the init
script made it print out a nice message but do nothing otherwise). It
appears all the traffic going through it has caused it to seize up. A
killall portfwd and a restart of the daemon made it work again. For
about a minute.
It would be very simple to use iptables to do my forwarding for me, but
before i do i'd like to know if there's a good reason not to do this...
any suggestions or advice would be appreciated
More information about the ILUG