From: Dino D. <dra...@gf...> - 2004-12-02 17:48:41
Hi folks,

I am trying to install a reverse proxy on our firewall so that https requests will be forwarded as http requests to the local web server (in the DMZ) and analyzed by snort-inline, which is installed on the same machine as the reverse proxy. The reverse proxy works OK, I can access both ports 80 and 443 from the Internet.

iptables -t mangle -A INPUT -p TCP -m state --state NEW -j MARK --set-mark 2
iptables -t mangle -A INPUT -p TCP -m state --state ESTABLISHED -j MARK --set-mark 7
iptables -A INPUT -m mark --mark 2 -j QUEUE
iptables -A INPUT -m mark --mark 7 -j QUEUE

But when I send http requests to snort-inline, the web server is inaccessible from outside.

#iptables -t mangle -A OUTPUT -p TCP -m state --state NEW -j MARK --set-mark 3
#iptables -t mangle -A OUTPUT -p TCP -m state --state ESTABLISHED -j MARK --set-mark 9
#iptables -A OUTPUT -p TCP -m mark --mark 3 -j QUEUE
#iptables -A OUTPUT -p TCP -m mark --mark 9 -j QUEUE

I have tried almost everything but I just can't make it work.....

stream4 and stream4_reassemble are configured as:

preprocessor stream4: iptablesnewmark 1-5,iptablesestmark 6-10,forceipstate
preprocessor stream4_reassemble: both

What am I doing wrong?

Thanks!

~~~
Dino Dragovic
Faculty of Civil Engineering
dra...@gf...
www.gfos.hr
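As an added example (not part of Dino's message and not code from the snort-inline project), here is a small Python checker that parses the iptables MARK/QUEUE rules and the stream4 iptablesnewmark/iptablesestmark ranges quoted in the post and reports three kinds of inconsistency: a NEW or ESTABLISHED mark that falls outside the range stream4 was told to expect, a mark that is set but never sent to QUEUE, and a QUEUE rule whose mark no rule sets. It assumes the rule and preprocessor syntax exactly as shown above; the "#" in front of the OUTPUT rules is treated as a shell prompt and stripped. It only checks mark/range consistency and says nothing about the OUTPUT-chain problem itself.

```python
import re

# Sample input, constructed from the iptables rules and the stream4 line quoted
# in the post above. The leading '#' on the OUTPUT rules is assumed to be a
# root shell prompt and is stripped by the parser.
IPTABLES_RULES = """\
iptables -t mangle -A INPUT -p TCP -m state --state NEW -j MARK --set-mark 2
iptables -t mangle -A INPUT -p TCP -m state --state ESTABLISHED -j MARK --set-mark 7
iptables -A INPUT -m mark --mark 2 -j QUEUE
iptables -A INPUT -m mark --mark 7 -j QUEUE
#iptables -t mangle -A OUTPUT -p TCP -m state --state NEW -j MARK --set-mark 3
#iptables -t mangle -A OUTPUT -p TCP -m state --state ESTABLISHED -j MARK --set-mark 9
#iptables -A OUTPUT -p TCP -m mark --mark 3 -j QUEUE
#iptables -A OUTPUT -p TCP -m mark --mark 9 -j QUEUE
"""

STREAM4_LINE = "preprocessor stream4: iptablesnewmark 1-5,iptablesestmark 6-10,forceipstate"

RANGE_RE = re.compile(r"(iptablesnewmark|iptablesestmark)\s+(\d+)-(\d+)")


def parse_stream4_ranges(line):
    """Return {'NEW': (lo, hi), 'ESTABLISHED': (lo, hi)} from the stream4 options."""
    ranges = {}
    for key, lo, hi in RANGE_RE.findall(line):
        state = "NEW" if key == "iptablesnewmark" else "ESTABLISHED"
        ranges[state] = (int(lo), int(hi))
    missing = {"NEW", "ESTABLISHED"} - set(ranges)
    if missing:
        raise ValueError(f"stream4 line lacks a mark range for: {sorted(missing)}")
    return ranges


def parse_mark_rules(text):
    """Return (set_marks, queued).

    set_marks: list of (chain, state, mark) for every -j MARK rule
    queued:    set of (chain, mark) for every -m mark ... -j QUEUE rule
    """
    set_marks, queued = [], set()
    for raw in text.splitlines():
        line = raw.strip().lstrip("#").strip()  # drop a leading prompt character
        if not line.startswith("iptables"):
            continue
        chain = re.search(r"-A\s+(\S+)", line)
        target = re.search(r"-j\s+(\S+)", line)
        if not chain or not target:
            continue
        chain, target = chain.group(1), target.group(1)
        if target == "MARK":
            state = re.search(r"--state\s+(\S+)", line)
            mark = re.search(r"--set-mark\s+(\d+)", line)
            if state and mark:
                # --state may list several states separated by commas
                for s in state.group(1).split(","):
                    set_marks.append((chain, s, int(mark.group(1))))
        elif target == "QUEUE":
            mark = re.search(r"--mark\s+(\d+)", line)
            if mark:
                queued.add((chain, int(mark.group(1))))
    return set_marks, queued


def check_marks(rules_text, stream4_line):
    """List inconsistencies between the MARK/QUEUE rules and the stream4 ranges."""
    ranges = parse_stream4_ranges(stream4_line)
    set_marks, queued = parse_mark_rules(rules_text)
    problems = []
    for chain, state, mark in set_marks:
        if state not in ranges:
            problems.append(f"{chain}: state {state} has no stream4 mark range")
            continue
        lo, hi = ranges[state]
        option = "iptablesnewmark" if state == "NEW" else "iptablesestmark"
        if not lo <= mark <= hi:
            problems.append(f"{chain}: {state} mark {mark} outside {option} {lo}-{hi}")
        if (chain, mark) not in queued:
            problems.append(f"{chain}: mark {mark} is set but no QUEUE rule matches it")
    marked = {(c, m) for c, _, m in set_marks}
    for chain, mark in sorted(queued):
        if (chain, mark) not in marked:
            problems.append(f"{chain}: QUEUE rule for mark {mark} but no MARK rule sets it")
    return problems


if __name__ == "__main__":
    for p in check_marks(IPTABLES_RULES, STREAM4_LINE) or ["no mark/range inconsistencies found"]:
        print(p)
```

Run against the rules from the post it reports nothing, which at least rules out a mark/range mismatch between the iptables side and the stream4 side; feeding it an edited rule set (for example a NEW mark set to 7) shows the kind of mistake it is meant to catch.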