Lammle.com
  • Instructor-Led Training
    • Browse by Course
      • All Courses
      • CompTIA Courses
      • CiscoŽ Courses
      • Microsoft Courses
      • Wireless Courses
      • IT & Security Courses
      • Attend Online
    • Browse by Date
    • Browse by City
    • Deals and Discounts
      • Spring Specials
      • From CCENT to CCNA in 2 Weeks
      • From CCNA to CCNP in 3 Weeks
      • Corporate Solutions
      • Government Solutions
        • Government Solutions
        • GSA Pricing
      • Recent Newsletters
    • Corporate Solutions
    • Government Solutions
      • Government Solutions
      • GSA Pricing
    • Testimonials
    • Internetworking Salary Survey
  • Locations
    • Atlanta
    • Austin
    • Chicago
    • Dallas/Fort Worth
    • Denver
    • Durham
    • Glendale
    • Houston
    • Live Online Only
    • Los Angeles
    • New Hampshire
    • New York
    • Orlando
    • Raleigh
    • San Diego
    • San Francisco
    • Santa Rosa
    • Washington D.C.
    • England
    • Germany
    Locations
  • Self-Paced Learning
    • Online Live Training
    • E-Learning
    • Online CCNA Video Training
    • Practice Questions
    • DVD and Audio (Lammle Press)
    • Books
  • Blog
  • Forum
  • GlobalNet Consulting
    • Overview
    • Experience
    • Our Team
    • Methodology
    • Projects
    • Contact Us
  • About
    • About Todd Lammle
    • About GlobalNet Training & Consulting
      • About GlobalNet Consulting
    • Student Complaint Policy
    • Terms of Service
      • Privacy Policy
      • Why was my account disabled?
  • Contact
    • Feedback Form
    • Site Map
Home Forum

Official Lammle User Forum


Go Back   Lammle Forum > Cisco® CCSP > Securing Network Devices
Reload this Page Securing transparent proxy
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #7  
Old 01-28-2011, 01:08 PM
omd omd is offline
Member
  
Join Date: Dec 2010
Posts: 49
Default
Quote:
Originally Posted by Fuzz View Post
it appears the 'accept dest port 80' was only for input from another another proxy server. I should really pay more attention to what I'm reading!

I wondered as I was typing my previous post whether this might be one of those situations. We all have those slap-yourself-in-the-forehead kind of moments.


Can you post your new output rules?

I would think that if it works with the output chain passing everything, then there should be a way to make it work while locking down the output chain (as oppossed to changing a configuration in squid; which I understand you are looking at).

I would try opening up the output chain and running tcpdump while logging in to the forum to see if there is any traffic on ports you were not expecting.

Also, can you not temporarily set iptables to log what it denies?
Reply With Quote
omd
View Public Profile
Send a private message to omd
Find all posts by omd
 

Bookmarks
  • Submit Thread to Digg Digg
  • Submit Thread to del.icio.us del.icio.us
  • Submit Thread to StumbleUpon StumbleUpon
  • Submit Thread to Google Google
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Switch to Linear Mode
Hybrid Mode Switch to Hybrid Mode
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Rules
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to block users From visiting Proxy servers anurag007 Security 2 02-26-2013 12:28 AM
VTP mode: Transparent bibekdeep Switching 7 09-06-2011 06:43 AM
Proxy Arp jwc2919 Internetworking 1 03-20-2009 05:16 AM
Authentication Proxy gabrielshorn Access Lists 0 08-19-2008 12:06 PM
Cut through Proxy on the Firewall aguilera PIX and ASA 0 12-13-2006 08:46 AM


All times are GMT -5. The time now is 09:12 AM.

Contact Us - Lammle.com - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.

CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, Cisco IOS, Cisco Systems, the Cisco Systems logo, and Networking Academy are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries. All other trademarks mentioned in this document or Web site are the property of their respective owners. The content of this website is the copyrighted property of Lammle.com.
© 2013 Lammle.comPrivacy Policy