Home page logo

basics logo Security Basics mailing list archives

RE: email gateway (transparent) - full transparent
From: <arek () chelmnet pl>
Date: Tue, 18 Nov 2003 13:52:00 +0100

It is a guide on how to setup squid (or any other server listening on a
given port) for transparent forced port redirection
No need to kernel hack as that great ipchains/iptables/netfilter
does it for you!
Well :) i'm using with success squid+cisco+other_linuxes_as_redirectors with
wccp too.

there is an info from http://www.tldp.org/HOWTO/TransparentProxy.html
Note that this document focuses only on HTTP proxing. I get many emails
asking about transparent FTP proxying. Squid can't do it.

so HOW to do transparent of MTA, FTP, DNS or any other if the SQUID daemon
is not for that???,,, and what i've seen on kernel, that the only thing
working stuff with REDIRECT firewall target is SQUID .

You should be able to employ the method in this HOWTO to email filter
redirection for your MTA and any other caching, filtering, etc
daemons that
you wish to force traffic through.
SQUID cannot pass any traffic other that WWW (as i've seen from docs),
the transparent ftp cache'ing isn't possible via squid too (only acts as

So what to do ??? the only way i thing is possible is to hack dns replies
for any MX, to pointer to my MTA .

If your interested in a heavier squid filter check out
http://dansguardian.org/ -- Free squid filter with phrase parsing
and I use
the http://www.squidguard.org/blacklist/ blacklists at work
Hope this helps!
Philip Duldig

 Arkadiusz Binder

The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]