Preparing to Use Proxies
SunScreen includes four proxies: FTP, HTTP, SMTP, and TELNET.
Each one is a completely separate user-level application, although they use some shared data and policy files for authentication. Certain proxies provide some content filtering or user authentication or both. They allow or deny sessions based on the source and destination addresses.
The rc proxy script is used to start up the proxies as needed. It is located in /etc/init.d and the symbolic link to /etc/rc2.d/S79proxy. The script verifies that:
-
The proxy executable is in /usr/lib/sunscreen/proxies.
-
The corresponding policy file is in /etc/sunscreen/proxies.
-
The policy file has a size larger than zero.
If these requirements are not met, the proxy will not start.
The policy rule compiler uses this script to cause each proxy to reread its policy file as needed.
Note -
You must disable the corresponding standard network service (if any) for HTTP proxies to function. If you have installed an HTTP daemon, you must disable it before the HTTP proxy will work. Conflicting standard Solaris servers for telnet, FTP, and SMTP are handled automatically during policy activation. See the SunScreen 3.2 Administrator's Overview for further details.
- © 2010, Oracle Corporation and/or its affiliates