From: Don R. <do...@ro...> - 2007-07-13 05:04:11
|
John Lucas wrote: > The LTSP traffic (X and NFS) take place on your eth0:1, but the applications > are running on the server whose primary interface is eth0. There isn't > anything unexpected happening here. Well - that is what I tried first. I now have ltsp on eth0, squid on eth0:1, but I still seem to need a rule allowing access for eth0:1's ip for the LTSP clients. Or any client for that matter. It don't think it an LTSP problem though ... > I think I know what you want to do: force users to use the proxy in order to > get to the web. The simplest way (there may be others) would be to either run > a transparent proxy on your perimeter firewall (eg. IPCop), or to run the > proxy on a stand-alone machine (separate from your LTSP server) and only > allow web traffic from that (proxy) machine to pass through the firewall. > We have a old windows firewall that I want to change to Monowall. My colleague is busy typing up a list of books we would like to buy, but we have to apply to the government for approval and funds. We should get them by the end of the decade. After that we can apply for another computer ... as we say at home Yeah, right. The solution to the problem seems to be setting tcp_outgoing_address in the squid.conf file to the Squid ip address. don |