[zorp] iptables configuration for zorp alg

Tillmann Werner zorp@lists.balabit.hu
Fri, 25 Feb 2005 19:42:20 +0100

Hi Baszi and Krisztian,

> Released, compiled and briefly tested Zorp GPL which is
> available at:
> http://www.balabit.hu/downloads/zorp/zorp-os/pool/z/zorp/
> Remember to compile it using libzorpll, which is available
> at:
> http://www.balabit.hu/downloads/zorp/zorp-os/pool/l/libzorpll

Many thanks for your help! I finally got one combination running, but 
I'll try this weekend.

Another question: My first Zorp configuration, a simple http proxy, is 
completely transparent for the client, but the server would see the ip 
address of the gateway machine (it does not because of a nat firewall 
in front of the alg).

Please have a look at my policy.py below, is there a switch missing for 
transparency from the server point of view?

Have a nice weekend,

from Zorp.Core import *
from Zorp.Http import *

InetZone('intra', '', outbound_services=['http'])
InetZone('inter', '', inbound_services=['*'], 

class InternHttp(HttpProxy):
        def config(self):
                self.transparent_mode = TRUE

def intra():
        Service('http', InternHttp)
        Listener(SockAddrInet('', 50080), 'http')

def inter():