Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 17 November 2024, 03:18:25 am

Login with username, password and session length

The Latest Endian Firewall is now available for download HERE
14258 Posts in 4377 Topics by 6515 Members
Latest Member: hulteends
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  Transparent HTTP PROXY on ORANGE (DMZ)
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Transparent HTTP PROXY on ORANGE (DMZ)  (Read 11019 times)
Papoux
Jr. Member
*
Offline Offline

Posts: 5


« on: Wednesday 11 June 2008, 11:47:11 pm »

Hi everybody,

I'm using EFW 2.2RC1.

Initially, I enabled transparent HTTP Proxy on GREEN, BLUE and ORANGE interfaces.
I activated it on ORANGE interface with the intention to secure my WEB server located on the DMZ.

I noticed that the Memory cache consumption was constantly increasing during the day and the bandwidth consumption increased on the RED interface only without corresponding increase on all other interfaces.  The IDS was reporting all sort of attacks against my WEB server and, that's what make me suspect that the HTTP Proxy might be trying to cache stuff from the Internet...  I was unable to access the HTTP cache log web page (probably too many items were cached and the script that generates the page simply timeout).

I deactivated the HTTP Proxy on the ORANGE interface, and the system now works properly and the proxy, memory consumption and traffic load are normal.

Question:
------------
How can I configure the proxy to protect my WEB server on the ORANGE (DMZ) interface without caching elements from or to this network?  I want simple coherency check and validation of authorized mime types on the ORANGE interface. On GREEN and BLUE, I want transparent HTTP Proxy with WEB caching.

Thanks,

Papoux ;-)
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.031 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com