|
/
Zope
/
Apsis
/
Pound Mailing List
/
Archive
/
2006
/
2006-12
/
Pound Proxy and the Firewall problems:
[
Alive URI / Francisco Ruiz ... ]
[
RewriteLocation / "Joe Gooch" ... ]
Pound Proxy and the Firewall problems:
"Gray, Tom A [EQ]" <Tom.Gray(at)embarq.com> |
2006-12-20 19:41:42 |
[ FULL ]
|
I am using Pound to proxy request from the Extranet DMZ into the Enterprise.
It's not working because gateway firewall blocks the request as soon as the
destination information shows up in the URL. How can I get pound to keep the
requesting URL while serving the content from the backend? Here is my
current config file:
ListenHTTP
Address 144.226.50.99
Port 8608
RewriteLocation 0
RewriteDestination 0
Service
Backend
Redirect "http://tmonline.corp.intranet/67276/index.htm"
End
End
End
To phase the question another way, if, instead, I tried it like this (see below
config), pound does contact the backend while keeping the requesting URL
header, but, it never finds the content at: 67276/index.htm
ListenHTTP
Address 144.226.50.99
Port 8608
RewriteLocation 0
RewriteDestination 0
Service
BackEnd
Address tmonline.corp.intranet
Port 80
End
End
End
|
|
|
|
|
Re: [Pound Mailing List] Pound Proxy and the Firewall problems:
Adam <adam(at)host8.biz> |
2006-12-20 20:11:22 |
[ FULL ]
|
> ListenHTTP[...]
you are using only redirect here and it is not proxy in fact,
redirect is useful when you need some simple filtering
without using any backend, for example to block unwanted
hack attempts in URLs:
Service
Url "\?.*(iframe|script|document\.cookie|alert|\;).*"
Redirect "http://host8.biz/errors/forbidden-url.htm"
End
but you don't need "Redirect" in "Backend" context since it
doesn't make any sense
[...]
try with:
RewriteLocation 2
or
RewriteLocation 1 (default)
--
Kind Regards,
Adam Andrzej Jaworski
Host8Biz EU
|
|
|
RE: [Pound Mailing List] Pound Proxy and the Firewall problems:
"Gray, Tom A [EQ]" <Tom.Gray(at)embarq.com> |
2006-12-20 20:47:46 |
[ FULL ]
|
When I use the backend like so:
BackEnd
Address tmonline.corp.intranet
Port 80
End
Then the request never arrives at the content location of
tmonline.corp.intranet/67276/index.htm
What is the trick?
Secondly -- In fact, the gateway firewall will block a request to
tmonline.corp.intranet, so I need Pound to retain the requesting URL base
(partners.xyx.com). How to?
-----Original Message-----
From: Adam Andrzej Jaworski [mailto:emaylx(at)gmail.com] On Behalf Of Adam
Sent: Wednesday, December 20, 2006 1:11 PM
To: pound(at)apsis.ch
Subject: Re: [Pound Mailing List] Pound Proxy and the Firewall problems:
[...]
you are using only redirect here and it is not proxy in fact, redirect is
useful when you need some simple filtering without using any backend, for
example to block unwanted hack attempts in URLs:
Service
Url "\?.*(iframe|script|document\.cookie|alert|\;).*"
Redirect "http://host8.biz/errors/forbidden-url.htm"
End
but you don't need "Redirect" in "Backend" context since it doesn't make any
sense
[...]
try with:
RewriteLocation 2
or
RewriteLocation 1 (default)
--
Kind Regards,
Adam Andrzej Jaworski
Host8Biz EU
--
To unsubscribe send an email with subject 'unsubscribe' to pound(at)apsis.ch.
Please contact roseg(at)apsis.ch for questions.
http://www.apsis.ch/pound/pound_list/archive/2006/2006-12/1166640102000/1166641882000
|
|
|
|
