Proxy Server Setup Problems
Win Toe
penguin at myanmar.com.mm
Thu Feb 19 10:06:11 UTC 2004
Dear Nilesh,
Thanks you very much for your information.
Now I removed
NAT chains entries
IP Masquerades
IP_forward
But I am missing the following options
tcp_outgoing_address
Now I add "tcp_outgoing_address" and now OK. Here is what I did
acl net1 src 192.168.1.x/24
acl net2 src 192.168.2.x/24
tcp_outgoing_address 10.x.x.x net1 #real IP
tcp_outgoing_address 10.x.x.x net2 #real IP
But proxy access is too slow. So, I am finding now to speed up Proxy
access Speed
--
Sent with BAGAN-CYBERTECH Webmail (http://www.bagan.net.mm)
---------- Original Message -----------
From: Nilesh <niluforalways at yahoo.com>
To: penguin at myanmar.com.mm
Sent: Wed, 18 Feb 2004 20:44:58 -0800 (PST)
Subject: Re: Proxy Server Setup Problems
> HI
>
> If you are installed Squid , check it without firewall
> it is working or not Squid works without firewall
> also.
> if it working then run firewall iptables with NAT rule
> or Masqurade
>
> iptables -t nat -A POSTROUTING -o eth0 -j SNAT
> --to-source 10.x.x.x.x ( your TRUE IP)
>
> for Masquerade
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>
> hope this will help
> Nilesh.
> --- wintoe <penguin at myanmar.com.mm> wrote:
> > Dear List,
> >
> > I am now setting up Proxy + Firewall for my LAN.
> > ( Yesterday I send this messge to RH-LIST. But I am
> > not sure where mail arrive to list or not. SO i send
> > again )
> > Here is Current Network Configuration.
> >
> > + ======== +
> > | LAN-1 | 192.168.1.0/24
> > + ======== +
> > ||
> > ||
> > 192.168.1.254/24
> > + ==eth1=== +
> > | |
> > | LinuxBox eth0 -----> ISP---->Internet
> > | | 10.x.x.x
> > + ==eth2=== +
> > 192.168.2.254/24
> > ||
> > ||
> > + ======== +
> > | LAN-2 | 192.168.2.0.0/24
> > + ======== +
> >
> > I have done the followings.
> >
> > Setup proxy server with following confugrations
> > Red Hat 9.0
> > Squid-2-5-STABLE1-2.
> > ( here is squid configurations )
> > http_port 192.168.1.254:8080
> > http_port 192.168.2.254:8080
> > acl lan1 src 192.168.1.0/24
> > acl lan2 src 192.168.2.0/24
> > http_access allow lan1
> > http_access allow lan2
> > cache_peer isp-proxy-server-ip
> > isp-proxy-ip-port 3130
> >
> >
> > IPTABLES
> > IP_forrwarding is set to 1 in
> > /proc/sys/net/ipv4/ip_forward
> > LAN-1 and LAN-2 are DHCP clients of Linux Box (
> > but eth1, eth2 of Linux box are static )
> >
> >
> > I can connect to intranet of ISP from LAN-1, LAN-2
> > through Linux Box as proxy server.
> > Linux box can connect to Internet if I configure to
> > use Proxy of ISP.
> > But I cannot connect to Internet from LAN-1, LAN-2
> > through Linux Box as proxy server.
> > When I connect to Internet MS-IE say "Connecting to
> > site. Waiting for reply ". Then error occurs.
> >
> > What I would like to know is
> > 1. What configurations are missing ( I think nat
> > configuration in iptables. I am now testing nat. but
> > i need someone help )
> > 2. What additional network services, I have to
> > configure.
> >
> > ***
> > I am now finding a good e-book for both
> > Firewall ( iptables ) and Proxy Server ssetup ( with
> > SQUID ). I had googled......
> > but I cannot find...... what I want.
> > Could some one can point out me to the place
> > where I can get these e-book.
> >
> > ****
> >
> > Any help is highly appreciated.
> >
> > Win Toe
> >
> >
> >
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail SpamGuard - Read only the mail you want.
> http://antispam.yahoo.com/tools
------- End of Original Message -------
More information about the redhat-list
mailing list