Welcome, Guest. Please login or register.
Did you miss your activation email?
Friday 27 December 2024, 11:20:26 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  Transparent HTTP PROXY on ORANGE (DMZ)
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Transparent HTTP PROXY on ORANGE (DMZ)  (Read 12188 times)
Papoux
Jr. Member
*
Offline Offline

Posts: 5


« on: Wednesday 11 June 2008, 11:47:11 pm »

Hi everybody,

I'm using EFW 2.2RC1.

Initially, I enabled transparent HTTP Proxy on GREEN, BLUE and ORANGE interfaces.
I activated it on ORANGE interface with the intention to secure my WEB server located on the DMZ.

I noticed that the Memory cache consumption was constantly increasing during the day and the bandwidth consumption increased on the RED interface only without corresponding increase on all other interfaces.  The IDS was reporting all sort of attacks against my WEB server and, that's what make me suspect that the HTTP Proxy might be trying to cache stuff from the Internet...  I was unable to access the HTTP cache log web page (probably too many items were cached and the script that generates the page simply timeout).

I deactivated the HTTP Proxy on the ORANGE interface, and the system now works properly and the proxy, memory consumption and traffic load are normal.

Question:
------------
How can I configure the proxy to protect my WEB server on the ORANGE (DMZ) interface without caching elements from or to this network?  I want simple coherency check and validation of authorized mime types on the ORANGE interface. On GREEN and BLUE, I want transparent HTTP Proxy with WEB caching.

Thanks,

Papoux ;-)
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 17 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com