From owner-freebsd-questions@FreeBSD.ORG Sun Sep 12 13:44:57 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D45F416A4CE for ; Sun, 12 Sep 2004 13:44:57 +0000 (GMT) Received: from mproxy.gmail.com (rproxy.gmail.com [64.233.170.207]) by mx1.FreeBSD.org (Postfix) with ESMTP id 74E0E43D53 for ; Sun, 12 Sep 2004 13:44:57 +0000 (GMT) (envelope-from subhro.kar@gmail.com) Received: by mproxy.gmail.com with SMTP id v18so250251rnb for ; Sun, 12 Sep 2004 06:44:56 -0700 (PDT) Received: by 10.38.8.74 with SMTP id 74mr889826rnh; Sun, 12 Sep 2004 06:44:56 -0700 (PDT) Received: by 10.38.206.15 with HTTP; Sun, 12 Sep 2004 06:44:56 -0700 (PDT) Message-ID: Date: Sun, 12 Sep 2004 19:14:56 +0530 From: Subhro To: JP In-Reply-To: <20040912073141.46863.qmail@web40104.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <2301747004091123051fa978f8@mail.gmail.com> <20040912073141.46863.qmail@web40104.mail.yahoo.com> cc: freebsd-questions@freebsd.org Subject: Re: Proxy/Firewall Question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Subhro List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 12 Sep 2004 13:44:58 -0000 That is expected. After all that is all about proxy. When NAT is enabled then you can ping outside world, that is fine. If you want to provide transparent access to the clients, then you need to enable NAT. You can control the type of access provided (browsing, IRC, IMs, etc) by blocking(opening) the required ports from the firewall. Alternatively, as you say...PROXY, you wont be able to ping outside and the clients have to explicitly configure their softwares to use the proxy running on the BSD Box. Regards S. On Sun, 12 Sep 2004 00:31:41 -0700 (PDT), JP wrote: > Thank you, I am using the standard firewall and > firewall script that came with FreeBSD. By default, > everything on the firewall is set to open. I > attempting what you suggested (disabling nat) and I > could no longer get ou to see the net. I could ping > the FreeBSD box just fine, but nothing beyond that. > > Suggestions? > > > --- Shantanoo wrote: > > > On Sat, 11 Sep 2004 22:48:50 -0700 (PDT), JP > > wrote: > > > Hello Gang, > > > > > > I am a novice at this so please bear with me. I > > have > > > successfully configured Squid, Nylon and my > > firewall, > > > my question is how do I disable any net traffic > > that > > > is not going through the proxy? It would be best > > for > > > all LAN traffic (telnet, ftp, chat, socks, etc) to > > > pass through the proxy otherwise get dropped. > > > > > > I would imagine its a Windows configuration thing > > but > > > I am not for certain. > > > > > > Thanks, > > > JP > > > > > disable NATting. > > using firewall allow connections to ports on which > > squid and/or nylon > > is listening. > > > > BTW, which firewall are you using? > > > > Shantanoo > > > > _______________________________ > Do you Yahoo!? > Express yourself with Y! Messenger! Free. Download now. > http://messenger.yahoo.com > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > -- Subhro Sankha Kar School of Information Technology Block AQ-13/1 Sector V ZIP 700091 India