[zorp] iptables configuration for zorp alg
Tillmann Werner
zorp@lists.balabit.hu
Fri, 25 Feb 2005 19:42:20 +0100
Hi Baszi and Krisztian,
> Released, compiled and briefly tested Zorp GPL 3.0.3.2 which is
> available at:
>
> http://www.balabit.hu/downloads/zorp/zorp-os/pool/z/zorp/
>
> Remember to compile it using libzorpll 3.0.6.0.3, which is available
> at:
>
> http://www.balabit.hu/downloads/zorp/zorp-os/pool/l/libzorpll
Many thanks for your help! I finally got one combination running, but
I'll try 3.0.3.2/3.0.6.0.3 this weekend.
Another question: My first Zorp configuration, a simple http proxy, is
completely transparent for the client, but the server would see the ip
address of the gateway machine (it does not because of a nat firewall
in front of the alg).
Please have a look at my policy.py below, is there a switch missing for
transparency from the server point of view?
Have a nice weekend,
Till
----------------------
from Zorp.Core import *
from Zorp.Http import *
InetZone('intra', '10.0.0.0/24', outbound_services=['http'])
InetZone('inter', '0.0.0.0/0', inbound_services=['*'],
outbound_services=['http'])
class InternHttp(HttpProxy):
def config(self):
HttpProxy.config(self)
self.transparent_mode = TRUE
def intra():
Service('http', InternHttp)
Listener(SockAddrInet('192.168.3.30', 50080), 'http')
def inter():
pass