[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] transparent proxying workstations from eth0 to eth1



What kind of content filter/proxy do you have on the gateway??
The only thing you should have to turn on is forwarding for workstations which have the LTSP server between them and the gateway. The gateway should take care of the rest. It's very difficult to do the proxy/filter on the LTSP server. It's really meant to be run on the gateway. Trust me, I've tried this in a one server school. You basically end up filtering non-root outgoing and all forwarding traffic through a complicated iptables mess.

On Aug 16, 2007, at 12:27 PM, Huck wrote:

Yay...a breakthrough this morning...

just turning on those services 'transparent-proxying' etc.etc.etc..
doesn't do much ;)

one must actually edit the /etc/squid.conf file (and squidGuard.conf if they plan on filtering anything)

and there these are the items I edit'd:

http_port 192.168.0.254:3128 transparent (to allow transparent proxying)

THEN-----in the ACL section...

acl ltsp src 192.168.0.0/255.255.255.0


THEN-----in the http_access section

http_access allow ltsp


and finally...the line to redirect stuff through SquidGuard..I put as the last line of the file

redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf



now...this oddly still bypasses my content filter set up at my gateway..and I'm not sure why...(thus I had to put squidGuard on the local LTSP box as well)...but now my windows users behind my LTSP server can transparent proxy in joy.

--Huck

_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]