Copyright (c) 2008 Endian srl, Italy.
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.2
or any later version published by the Free Software Foundation;
with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
A copy of the license is included in the section entitled "GNU
Free Documentation License".
Select Proxy from the menu bar at the top of the screen.
A proxy is a service on your Endian Firewall that can act as a gate keeper between clients (such as a web browser on the LAN) and network services (such as a web server on the internet). Clients connect to the proxy which in turn can retrieve, cache, filter and potentially block the information from the original server. A proxy is called transparent, if all traffic goes through it regardless whether the client is explicitly configured to make use of the proxy or not. Non-transparent proxies hence rely on the collaboration of the client (for example, the proxy settings of your web browser).
Following is a list of proxies available on Endian Firewall. Each proxy can be configured via the links that appear in the submenu on the left side of the screen:
Each link will be explained individually in the following sections.
This section of the reference guide will be added in a future update.
Select Proxy from the menu bar at the top of the screen, then select POP3 from the submenu on the left side of the screen.
This section of the reference guide will be added in a future update.
Select Proxy from the menu bar at the top of the screen, then select SIP from the submenu on the left side of the screen.
The SIP Proxy is a proxy/masquerading daemon for the SIP and RTP protocol. The SIP (Session Initiation Protocol, RFC3261) and RTP (Real-time Transport Protocol) are used by Voice over IP (VoIP) devices to establish telephone calls and carry voice streams.
The proxy handles registrations of SIP clients on the LAN and performs rewriting of the SIP message bodies to make SIP connections possible through Endian Firewall and therefore make SIP clients (like x-lite, kphone, linphone or VoIP hardware) able to work behind NAT. Without this proxy, connections between clients are not possible at all if both are behind NAT, since one client can't reach the other directly and therefore no RTP connection can be established between them.
Once enabled, the following settings can be performed (confirm by clicking Save).
| Status | - | "transparent" means all outgoing traffic to port SIP port will be automatically redirected to the SIP proxy; "enabled" means the proxy will listen to the SIP port and clients need to be made aware of th proxy |
| SIP Port | - | default: 5060 |
| RTP Port Low / High | - | UDP Port range the SIP proxy will use for incoming and outgoing RTP traffic. By default the range 7070 up to (and including) 7090 is used. This allows up to 10 simultaneous calls (2 ports per call). If you need more simultaneous calls, increase the range. |
| Outbound proxy host / port | - | the SIP Proxy itself can be told to send all traffic to another outbound proxy |
| Autosave registrations | - | this allows the SIP proxy to remember registration across a restart |
| Log calls | - | log established calls in the SIP proxy log |
| Firewall logs outgoing connections | - | show outgoing connections in the firewall log |
Select Proxy from the menu bar at the top of the screen, then select FTP from the submenu on the left side of the screen.
This section of the reference guide will be added in a future update.
Select Proxy from the menu bar at the top of the screen, then select SMTP from the submenu on the left side of the screen.
This section of the reference guide will be added in a future update.
Select Proxy from the menu bar at the top of the screen, then select DNS from the submenu on the left side of the screen.
This section of the reference guide will be added in a future update.