[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] SuSEfirewall2 for transparent ftp-proxy (proxy-suite)?



Hi folks,

Has anyone made SuSEfirewall2 work with ftp-proxy (proxy-suite) in transparent mode?

I have set everything up according to the mini-howto except using SuSEfirewall2 instead of direct ipchains commands. Non-transparent mode (UseMagicChar etc) works fine (and so does my transparent Squid http proxy), but when I attempt to ftp in tranparent mode eg
$ ftp ftp.suse.de
then I get the following message:
   USER-WRN requested transparent proxy dest 192.168.3.3 is local
                                             ^^^^^^^^^^^
This is the internal address of my firewall (running the proxy).

Is there is something about the way SuSEfirewall2 does redirection that loses the original destination address? Or does it work for everyone else and I've just messed up the configuration?

A few details:
I do not use masquerading, since the external network is connected to the Internet with a ADSL modem/bridge that does NAT, so I redirect with FW_FORWARD. I am interested only in FTPing from the internet to local machines.

I am using SuSEfirewall2-3.1-28 and ftp proxy "(Version 1.7tp7 - 2001/06/20 21:05:20)" on SuSE 7.2 (kernel 2.4.4) straight off the CD (apart from those two packages).

Thanks for your help,

Tim

_________________________________________________________________
Surf the net and talk on the phone with Xtra Jetstream @ http://www.xtra.co.nz/products/0,,5803,00.html !


--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here