This worked well, cheers.
A side note on this: all net access comes over an SSH link, i.e. ssh
mysecurehost.com -D 1080. I'm currently using tsocks to give bash
apps net access and using GNOME network settings for any GUI apps.
I'm thinking of moving the ssh/web bridge to the same machine as the
bind server and hosting from there. What would be my best route for a
transparent proxy to then forward onto the internal network clients?
I need full logging capability, so that I know which clients are
requesting what pages.
Cheers
On 14/04/2008, Adrian Bridgett <adrian@???> wrote:
> On Mon, Apr 14, 2008 at 18:00:09 +0100 (+0100), Peter Brooks wrote:
>  > Hi all,
>  > I'm trying to set up to forward from our ISP-provided DNS to my
>  > internal network, the ISP gives us an address of 150.5.200.32 with DNS
>  > 150.5.40.1 and I'm using internal addresses of 192.168.1.0
>  >
>  > Below is my iptables script, any idea of what I'm doing wrong?
>
>
> I'd personally run a copy of BIND with forward-first set, then point
>  your local boxes to that box.
>
>  something like:
>
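>  acl internal {
>   192.168.1.0/24;   // internal LAN clients
>  };
>  options {
>   allow-query { internal; };   // answer queries only from the internal ACL
>   forwarders {
>      150.5.40.1;   // ISP-provided DNS server
>   };
>   forward first;   // try the forwarders first, then fall back to normal resolution
>  };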
>
>  Adrian
>  --
>  Email: adrian@???  -*-  GPG key available on public key servers
>  Debian GNU/Linux - the maintainable distribution   -*-  www.debian.org
>
>
>  --
>  Please post to: Hampshire@???
>  Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
>  LUG URL: http://www.hantslug.org.uk
>  --------------------------------------------------------------
>
-- 
Peter Brooks