Line 51: |
Line 51: |
| ====Block outgoing ports==== | | ====Block outgoing ports==== |
| *I want to block outgoing traffic from my server. | | *I want to block outgoing traffic from my server. |
− | These commands are based on | + | |
− | http://bugs.contribs.org/show_bug.cgi?id=2977 | + | These commands are based on http://bugs.contribs.org/show_bug.cgi?id=2977 |
| | | |
| Please check for the latest attachments (custom template fragments) to this bug. | | Please check for the latest attachments (custom template fragments) to this bug. |
| | | |
| At present, traffic is only blocked if it originates on the primary local | | At present, traffic is only blocked if it originates on the primary local |
− | network. | + | network. No processing is performed on traffic addressed to the LAN IP, WAN IP or |
− | No processing is performed on traffic addressed to the LAN IP, WAN IP or | |
| loopback address of the SME. | | loopback address of the SME. |
− |
| |
| | | |
| Download custom templates and configure ports with db command | | Download custom templates and configure ports with db command |
Line 81: |
Line 79: |
| | | |
| Update the config changes and restart masq | | Update the config changes and restart masq |
| + | signal-event remoteaccess-update |
| + | /etc/init.d/masq restart |
| + | |
| + | ====Bypass Proxy==== |
| + | *You have Transparent Proxy enabled (the default) but want to allow this to be selectively bypassed. |
| + | |
| + | These commands are based on http://bugs.contribs.org/show_bug.cgi?id=2274 |
| + | |
| + | Please check for the latest attachments (custom template fragments) to this bug. |
| + | |
| + | Download custom templates and configure ports with db command |
| + | mkdir -p /etc/e-smith/templates-custom/etc/rc.d/init.d/masq |
| + | cd /etc/e-smith/templates-custom/etc/rc.d/init.d/masq |
| + | wget -O 35transproxy http://bugs.contribs.org/attachment.cgi?id=1410 |
| + | wget -O 90adjustTransProxy http://bugs.contribs.org/attachment.cgi?id=1411 |
| + | |
| + | Create desired db entries for the clients or sites you want to allow |
| + | config setprop squid BypassProxyTo 162.23.23.125 |
| + | config setprop squid BypassProxyFrom a.b.c.d,x.y.z.0/0 |
| + | |
| signal-event remoteaccess-update | | signal-event remoteaccess-update |
| /etc/init.d/masq restart | | /etc/init.d/masq restart |