vi /etc/rc.d/rc.firewall.up
find #squid
before #squid, use the following (all one line, ie RETURN is after -j on the same line):
/sbin/iptables -t nat -A PREROUTING -i $GREEN_DEV -p tcp --dport 80 -d yourBypassProxyDomainHere.com -j RETURN
save and exit
Run this to restart iptables
/etc/rc.d/rc.netaddress.down; /etc/rc.d/rc.netaddress.up
done.
OK, *I* wasn't done, because I'm using Full Firewall Control addon, which basically negates anything done in rc.firewall.up (the source code for FFC itself says flush iptables before parsing FFC list.)
So, to bypass proxy for specific addresses in smoothwall via Full Firewall Control, ping the [domain to bypass dansguardian] to get the ip, and set it up as GREEN from anywhere, port 80, to RED (ip address of bypass domain) method TCP Allow. Funny, that seems easier than I'd have thought.
Showing posts with label proxy. Show all posts
Showing posts with label proxy. Show all posts
Friday, December 18, 2009
Wednesday, October 29, 2008
PuTTY, SSH, Web Browser tunnel
This bypasses your proxy server, tunnels through your own SSH server, and provides web access.
- Have a running ssh server, accessible from the Internet. http://www.dyndns.com can help give you a name to your IP address, if you have a dynamic one. Making the dyndns connection is beyond the scope of this tutorial.
- Create a PuTTY session to your ssh server. Chances are, if you know what step 1 is about, you've already created a PuTTY session to it.
- Inside PuTTY's session, go to Connection, SSH, Tunnels
- Type a number (8080?) into Source Port. Click Dynamic, Auto, and then [Add]
- Save the PuTTY sesssion
- Connect to your PuTTY session
- Configure your browser's proxy settings: Manual, SOCKS v5, 127.0.0.1, port (whatever number you used as your Source Port in 4.)
- If you go to http://www.gwy.org/yourip.php, you should now see that your IP address is your ssh server.
Subscribe to:
Posts (Atom)