This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Technical details why proxy superseeds firewall

Hi all!

Can anyone tell me the technical details, why the web proxy comes before firewall rules?
We currently have a problem with the proxy (standard mode) allowing connections to all of our secured networks (servers, customer systems) which means a huge security risk.
I know of the possibility to block these connections with blacklists but that would mean that we have to maintain a list of more than 500 networks and servers (each with DNS name, host name and IP address). That's not feasible.

Or ist there any other more reasonable solution?

Thanks.

This thread was automatically locked due to age.

Parents

0 teched_01 over 10 years ago
Not necessarily the whole picture:
iptables-save | grep TPROXY

Are cc/confd-client.plx and the command line more feasible/reasonable in your environment?
Cancel
Vote Up 0 Vote Down

Cancel
0 scorpionking over 10 years ago in reply to teched_01

Thanks Bob.

Are cc/confd-client.plx and the command line more feasible/reasonable in your environment?

Yes, but that would void support... [;)]
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 scorpionking over 10 years ago in reply to teched_01

Thanks Bob.

Are cc/confd-client.plx and the command line more feasible/reasonable in your environment?

Yes, but that would void support... [;)]
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data