Dear Ray,
I was trying to follow your howto. All is simply to this place
add the following and remove the transproxy lines from masq
$OUT .= " /sbin/iptables --append Forward$AllowLocals -s $local -p tcp --destination-port 80 -j DROP\n";
$OUT .= " /sbin/iptables --append Forward$AllowLocals -d $local -p tcp --destination-port 80 -j DROP\n";
$OUT .= " /sbin/iptables --append Input$AllowLocals -s $local -p tcp --destination-port 80 -j DROP\n";
$OUT .= " /sbin/iptables --append Forward$AllowLocals -s $local -p tcp --destination-port 3128 -j DROP\n";
$OUT .= " /sbin/iptables --append Forward$AllowLocals -d $local -p tcp --destination-port 3128 -j DROP\n";
$OUT .= " /sbin/iptables --append Input$AllowLocals -s $local -p tcp --destination-port 3128 -j DROP\n";
Expand the template when changes have been made.
I was trying to do like this:
mkdir -p /etc/e-smith/templates-custom/etc/rc.d/init.d/masq
cp /etc/e-smith/templates/etc/rc.d/init.d/masq/40AllowLocal /etc/e-smith/templates-custom/etc/rc.d/init.d/masq
...then edit that file in your favourite editor.
I put these lines in 40AllowLocal:
$OUT .= " /sbin/iptables --append Forward$AllowLocals -s $local -p tcp --destination-port 80 -j DROP\n";
$OUT .= " /sbin/iptables --append Forward$AllowLocals -d $local -p tcp --destination-port 80 -j DROP\n";
$OUT .= " /sbin/iptables --append Input$AllowLocals -s $local -p tcp --destination-port 80 -j DROP\n";
$OUT .= " /sbin/iptables --append Forward$AllowLocals -s $local -p tcp --destination-port 3128 -j DROP\n";
$OUT .= " /sbin/iptables --append Forward$AllowLocals -d $local -p tcp --destination-port 3128 -j DROP\n";
$OUT .= " /sbin/iptables --append Input$AllowLocals -s $local -p tcp --destination-port 3128 -j DROP\n";
and then
cp /etc/e-smith/templates/etc/rc.d/init.d/masq/35Transproxy /etc/e-smith/templates-custom/etc/rc.d/init.d/masq
...then delete all lines in that file
and expand the template
/sbin/e-smith/expand-template /etc/rc.d/init.d/masq
/sbin/e-smith/signal-event console-save
/etc/rc.d/init.d/masq restart
Would you be so kind and help me?
Best regards
--------------
Nemo