[K12OSN] transparent proxying with LTSP--SOLVED

Sudev Barar sbarar at gmail.com
Fri Feb 24 07:21:45 UTC 2006


On 2/24/06, Brad Johnson <bjohnson at independence.k12.ia.us> wrote:
> >> Ok, so here's what I've got......
> >> LTSP network connects to LSTP server--connects to remainder of
> >> LAN-- connects to Internet.  Where do I put the IPCop Box....do I
> >> put it  directly between LTSP and the remainder of the LAN?
> >
> > Ours sits between our LAN and the internet.  If the clients on your
> > LAN are transparently proxied, then your LTSP clients will also.
> > This applies to your current configuration as well.
>
> > Thanks for the help today guys.  I must admit, I am iptables-
> > challenged.  Since I currently already had a squid/danguardian box
> > on the network, my prefernce was to continue using it.  I then
> > found an old post on the list from 2003, courtesy of Eric Harrison,
> > that led me directly to this wiki link:
> http://k12ltsp.org/phpwiki/index.php/WebFiltering%3AIntegration
>
> which provided me with the two following rules:
>
> iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination
> 192.168.1.1:3128
> iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-
> destination 192.168.1.1:3128
>

IPTables challanged as well. What would work if k12box is  iteself
connecting to big bad internet? I want that all internet traffic from
clients on this box (effectively traffic from the box itself) is
routed always through squid/proxy running on the same box itself.
With above syntax all tcp packets will be diverted to proxy:port
given, which would inclde packets from squid/proxy itself. Is this
correct hypothesis or I am wrong in assuming that packets after coming
out of squid/proxy would not be to port 80???

--
Sudev Barar
Learning Linux




More information about the K12OSN mailing list