One Configuration of HTTP with a Firewall

Relevant Points:

• Router only allows traffic between inner and outer gateway machines

• HTTP Proxy server runs on both inner and outer gateway machines

• Files may be cached at either inner or outer proxy server

• Protection: machines outside firewall have no direct access to client machines inside

Many other possible configurations

But this won't help solve the problems mentioned before!

Postscript files, shell scripts can still traverse the firewall

Cheswick and Bellovin, Firewalls and Internet Security: Repelling the Wily Hacker, Addison-Wesley, Reading Mass., 1994.