I have the below rules in my firewall. The HTTP server is inside the firewall on 192.168.1.2:80
        people can hit it fine from the outside
        squid is running on the firewall
        inside can browse outside via squid just fine
        inside cannot browse the outside address

Any thoughts/input would be appreciated.

# http server
$PROG -t nat -A PREROUTING -i $NIC_EXTERNAL -p tcp \
        -s 0/0 --dport http \
        -j DNAT --to-destination 192.168.1.2:80
$PROG -t mangle -A FORWARD -i $NIC_EXTERNAL -s 0/0 \
        -o $NIC_INTERNAL -d 192.168.1.2 -p tcp --dport http \
        -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
