F-Secure Internet Gatekeeper for Linux/Administrator’s Guide
110
Overview of operations:
The following describes how clients connect to servers when F-Secure Internet Gatekeeper for Linux
is set up as a transparent proxy:
1
The client starts a connection to a service port (example 110) of a server (SERVER).
2
The NAT (lower-level) router relays the access request from the client to F-Secure Internet
Gatekeeper for Linux (FSIGK) that is set on the default route.
3
FSIGK redirects the access request from the client to FSIGK:9110 on the basis of the NAT
setting in iptables, and stores the original access destination (SERVER:110).
4
FSIGK listens to the access at VIRUS:9110 and retrieves the access request replaced by
iptables. Afterwards, Internet Gatekeeper retrieves the original destination (SERVER:110)
which has been stored in iptables and sends the access request to the original destination
(SERVER:110).
Settings
To use a transparent proxy in proxy mode, configure the network and server associated with F-Secure
Internet Gatekeeper for Linux in the following way:
1 Open the web console. Select
Proxy settings
and then start up each service in transparent proxy
mode:
Proxy Settings
Proxy settings
HTTP proxy:
On
Port Number:
9080
Transparent proxy:
On
SMTP proxy:
On
Proxy port:
9025
Transparent proxy:
On
POP proxy:
On
Proxy port:
9110
Transparent proxy:
On
FTP proxy:
On
Proxy port:
9021
Transparent proxy:
On
After configuring the settings, check that the client can access the port of each service (9080, 9025,
9110, 9021) on Internet Gatekeeper.