[K12OSN] transparent proxying with LTSP--SOLVED
Burke Almquist
balmquist at mindfirestudios.com
Fri Feb 24 13:46:36 UTC 2006
These lines even take care of access directly from the LTSP server,
it's a slightly simpler setup with a separate machine, but this works.
On Feb 24, 2006, at 1:21 AM, Sudev Barar wrote:
> On 2/24/06, Brad Johnson <bjohnson at independence.k12.ia.us> wrote:
>>>> Ok, so here's what I've got......
>>>> LTSP network connects to LSTP server--connects to remainder of
>>>> LAN-- connects to Internet. Where do I put the IPCop Box....do I
>>>> put it directly between LTSP and the remainder of the LAN?
>>>
>>> Ours sits between our LAN and the internet. If the clients on your
>>> LAN are transparently proxied, then your LTSP clients will also.
>>> This applies to your current configuration as well.
>>
>>> Thanks for the help today guys. I must admit, I am iptables-
>>> challenged. Since I currently already had a squid/danguardian box
>>> on the network, my prefernce was to continue using it. I then
>>> found an old post on the list from 2003, courtesy of Eric Harrison,
>>> that led me directly to this wiki link:
>> http://k12ltsp.org/phpwiki/index.php/WebFiltering%3AIntegration
>>
>> which provided me with the two following rules:
>>
>> iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination
>> 192.168.1.1:3128
>> iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-
>> destination 192.168.1.1:3128
>>
>
> IPTables challanged as well. What would work if k12box is iteself
> connecting to big bad internet? I want that all internet traffic from
> clients on this box (effectively traffic from the box itself) is
> routed always through squid/proxy running on the same box itself.
> With above syntax all tcp packets will be diverted to proxy:port
> given, which would inclde packets from squid/proxy itself. Is this
> correct hypothesis or I am wrong in assuming that packets after coming
> out of squid/proxy would not be to port 80???
>
> --
> Sudev Barar
> Learning Linux
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
More information about the K12OSN
mailing list