Urgent and imp. Making Squid 2.6 stable as tranpsarent proxy

General discussion about PLUC and Linux in Pakistan.
Post Reply
mikdadhussain
Lance Naik
Posts: 19
Joined: Tue Jan 10, 2006 7:18 pm
Location: Lahore
Contact:

Urgent and imp. Making Squid 2.6 stable as tranpsarent proxy

Post by mikdadhussain »

Hello,
Dear All.
I wanted to make a request to help from all of you guys.
Actually i work for an organization, where Squid is used as Transparent proxy,
Static Ip's have been assigned for the Clients, so here no need for Nating or Masquerading, but just Tranparent proxying is required,
I have tested Squid 2.6 stable 2 as Tranparent proxy as testing on a single network and it works fine.
with this configuration
[http_port 192.168.254.252:3128 transparent
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
echo 1 > /proc/sys/net/ipv4/ip_forward]
and this works for a single network as Tranparent proxy
means all clients having Ips [192.168.254.x] use the 192.168.254.252 as gateway and their request is fullfilled,
but now the demand is that
the client should use the 192.168.253.x and squid should use the 192.168.254.252 , ie. different Networks [here again, no Nating is required simply tranparent proxy].
I have created another virtual interface of squid server having ip 192.168.253.252 and forwarded the user's requests to it.
But it doesn't work , i think there is some problem with the iptalbes.
[Remember that in the squid 2.5 the tranparent proxy features were
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on]
and these all have been deprecated in the Squid 2.6 stable 2.
{in the private networks shown above, u can also consider to be subsituted the Real IP, i have replaced them. coz i m still testing it.}

So, plz help me out for this task.

Thanks a lot.
Shoaib Akbar.
JNE WOL Lahore.



Shoaib Akbar.
Assistant Network Engineer.
Cell #. 0334-4046608.
World Online Lahore.
syedali999
Battalion Havaldaar Major
Posts: 252
Joined: Sun May 29, 2005 1:45 am
Location: Karachi
Contact:

Post by syedali999 »

Different Network!
First, To Contact Squid Box, You Are using Router or routing daemon.

First Let your router pass your request to squid-box.

Then the process will be same as for single network.

FYI, Wol Lhr is using one block of IP Address which is 202.154.x.x
no need to route request i think!

Feel Free to Ask 4 More!
Thanks,
Regards


S. Asad Ali Rizvi
===================
Nomado Telecom
http://www.nomado.eu
alex[NoSpam]@nomado.eu
====================
LPI ID: LPI000102069
My blogs:
http://crea8ivefood.blogspot.com
http://actuarialsciencestudies.blogspot.com
LinuxFreaK
Site Admin
Posts: 5132
Joined: Fri May 02, 2003 10:24 am
Location: Karachi
Contact:

Re:

Post by LinuxFreaK »

Dear mikdadhussain,
Salam,

FYI, http://www.linuxpakistan.net/forum2x/vi ... .php?t=414

Best Regards.
Farrukh Ahmed
Post Reply