Date: Mon, 29 Jun 1998 09:29:35 -0400 From: Luis Munoz <lem@cantv.net> To: Bo Fussing <bmf@gateway.net.hk> Cc: Evren Yurtesen <yurtesen@ispro.net.tr>, freebsd-isp@FreeBSD.ORG Subject: Re: cisco Message-ID: <3.0.5.32.19980629092935.03b12830@pop.cantv.net> In-Reply-To: <Pine.LNX.3.96.980629145211.10591J-100000@gate.gateway.net. hk> References: <Pine.BSF.3.96.980629091443.2917C-100000@finland.ispro.net.tr>
next in thread | previous in thread | raw e-mail | index | archive | help
At 02:53 PM 29/06/1998 +0800, Bo Fussing wrote: [snip] >> hello >> this is not exactly related to freebsd, sorry but... :) >> well I want to restrict my users to use port 80 to surf on the net, >> instead I want them to use my proxy server at port 8080. >> because I have limited bandwidth, also I just want to close port 80 >> for my users, the other people should be able on the outside should >> be able to connect my proxy server. I've run a shop like that for more than two years now. It's a pain in the neck from the support point of view, as every time a luser downloads the new browser of the week, will call you because it doesn't work! If you're starting, please do consider transparent proxying. My understanding is that it can be done in FreeBSD with now problem, though I've failed to find a good example/tutorial/howto explaining the process. You can use 'policy routing' on your cisco to divert web traffic to your proxy, specially if you have little bandwidth. This also protects you from the death of your proxy, which is another support nightmare. >> also I want to do the reverse action to my un*x machines... >> I do not want other people who are not belonging to my domanin >> to be able to make telnet to my machines, but I want the people here >> to be able to make telnet to their accounts outside... For this, packet filters work real nice. You could also use tcp-wrappers, which offer another layer of protection and provide for more logging, but take a step at a time. You should take a look at secure shell. Regards and good luck. -lem To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19980629092935.03b12830>