SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
|Anonymous | Login||2021-02-24 20:39 UTC|
|Main | My View | View Issues | Change Log | Roadmap|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0004531||Endian Firewall||Proxy HTTP||public||2013-02-19 00:35||2013-02-19 00:50|
|Target Version||Fixed in Version|
|Summary||0004531: Policy Routing not working with HTTP Proxy turned on|
|Description||Network Policy Routing does not work when HTTP Proxy is enabled and access is through the HTTP Proxy (only tested transparent proxy).|
|Steps To Reproduce||Setup 2 WAN (Red) interfaces.|
Enable HTTP Proxy and set to transparent on Green.
Create a Policy Route to route HTTP traffic via the additional uplink (not the main one).
Go to whatismyip.com to see your IP address. It's still that of the main uplink.
Turn off the HTTP Proxy or change to non-transparent on Green.
Go to whatismyip.com to see your IP address. Notice that it is now of the additional uplink (as it should be).
|Additional Information||Product version is 2.5.1|
|Tags||No tags attached.|
Having done some further research I worked out the issue and arguably it's "by design". The Policy Routing takes place AFTER the HTTP Proxying and due to this you need to have the FROM set to LOCAL in your Policy Routing rule. The policy routing then works fine.
There is still a problem when you want for example to have everything from your DMZ Orange network going via a different uplink. There is no way to specify a Policy Routing rule to make everything from the DMZ go via a different uplink using Policy Routing if you're proxying the HTTP traffic from the DMZ. Perhaps this is more a documentation issue rather than anything else.
|This issue is effectively a duplicate of issue 4353 and issues 3305. Issue 3305 explains the solution.|
|2013-02-19 00:35||Sheldmandu||New Issue|
|2013-02-19 00:48||Sheldmandu||Note Added: 0008380|
|2013-02-19 00:50||Sheldmandu||Note Added: 0008381|
|Copyright © 2000 - 2012 MantisBT Group|