The UNIX and Linux Forums  
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.

Go Back   The UNIX and Linux Forums > Special Forums > Security
Reload this Page Help with iptables on proxy server
.
google unix.com

Forums Register Forum RulesLinksAlbums FAQ Members List Calendar Search Today's Posts Mark Forums Read



Thread: Help with iptables on proxy server
View Single Post in the UNIX and Linux Forums - Click on the Thread or Permalink to View Entire Thread -->
  #2 (permalink)  
Old 04-09-2009
Neo's Avatar
Neo Neo is online now Forum Staff  
Administrator
  
 

Join Date: Sep 2000
Location: Asia Pacific
Posts: 6,724
Quote:
Originally Posted by sdotsen View Post
I may be doing this incorrectly, so if you have any suggestions, I'm open to it. So I installed a reverse proxy server on my LAN. It's not on the DMZ because it's coming from a blade running inside a virtual machine. Anyways, so I installed iptables and locked everything down from the outside coming in. Only port 80 is open from the outside. My question is, what if someone compromised the box in any way, I want to deny them access to our local lan. However, just thinking about this, if someone got in through SSH or something they could just disable iptables, no?

I was thinking of denying traffic from the proxy to our LAN but is that irrelevant? I still need my LAN to talk to the proxy server since our back-end webservers need to communicate w/ this proxy server.
Can you please upload a diagram of your network?

Frankly speaking, I am happy to respond, but lazy to translate your text description into a picture. I need a visual.

Thanks.