Sziasztok! A kovetkezo problemam. Adott egy webserver amit egy zorp 2.0-as ved. Kulon gep, keresztkabellel osszekotve. Kintrol tokeletesen latszik a webserver, es megy is ra az ssh, de a webserverrol is kellene a web. (frissites, patch, stb). Mit rontottam el? a masik, van valami termeszetes oka, h nagyon lassan epul fel a kapcsolat? utana mar rendben muxik. Kernem a lista szives segitseget, mert lassan mar alig marad hajam... Mellekelten kuldenem a konfigokat. Bocsanat a level hosszusagaaert! Koszi! Szabek =====policy.py=========== from Zorp.Core import * from Zorp.Http import * from Zorp.Plug import * InetZone('internet', ['0.0.0.0/0'], inbound_services=[ "OutgoingRequest", "HTTP"], outbound_services=[ "HTTP", "sshTOweb"]) InetZone('Intranet', ['192.168.0.0/24'], inbound_services=[]) InetZone('Webserver', ['192.168.0.10/32'], inbound_services=[ "HTTP", "sshTOweb"], outbound_services=[ "OutgoingRequest", "HTTP"], admin_parent='Intranet') def HTTP() : Service(name="HTTP", proxy_class=HttpProxy, router=DirectedRouter(dest_addr=SockAddrInet('192.168.0. 10', 80), forge_addr=TRUE)) Listener(bindto=SockAddrInet('100.100.100.100', 80), service="HTTP", backlog=255) def outgoingRequest() : Service(name="OutgoingRequest", proxy_class=HttpProxy, router=TransparentRouter(forge_addr=TRUE)) Listener(bindto=SockAddrInet('192.168.0.5', 80), service="OutgoingRequest", backlog=255) def sshTOweb() : Service(name="sshTOweb", proxy_class=PlugProxy, router=DirectedRouter(dest_addr=SockAddrInet('192.16 8.0.10', 22), forge_addr=TRUE)) Listener(bindto=SockAddrInet('100.100.100.100', 2222), service="sshTOweb", backlog=255) ======================= instances.conf ======================= HTTP --autobind-ip 1.2.3.4 --policy /etc/zorp/policy.py outgoingRequest --autobind-ip 1.2.3.4 --policy /etc/zorp/policy.py sshTOweb --autobind-ip 1.2.3.4 --policy /etc/zorp/policy.py ============= iptables.in ============= -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -p tcp --dport 2222 -j ACCEPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p tcp --syn --dport 22 -j ACCEPT -A INPUT -p tcp --syn --dport 1310:1320 -j ACCEPT