How to use Squid with load balancing scripts

Taking care of your Linux box.
mejam
Havaldaar
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
Location: Lahore
Contact:

How to use Squid with load balancing scripts

Postby mejam » Fri Nov 28, 2008 8:15 pm

Dear All,
I am running CentOS5.2 and i have done load balancing through scripting...I have my LAN on ETH0 and two DSLs at ETH1 and ETH2...i have configured squid too...i dont want my users to manually give proxy in their browsers...thats why i used iptables to redirect port 80 to 3128...my clients are on winXP...they give the IP of my centos server in their gateway...but no browsing at all...i have NAT ETH1 and ETH2 both...if i disable this port redirection rule...every thing works but when i enable this redirection rules...every thing stops...Please help....!
Regards
Abdulrehman

shakirz1
Battalion Quarter Master Havaldaar
Posts: 207
Joined: Sat Aug 09, 2003 5:00 pm
Location: Karachi
Contact:

Postby shakirz1 » Sat Nov 29, 2008 11:01 am

instead of redirect use DNAT ip:port of squid, it will solve your problem.

mejam
Havaldaar
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
Location: Lahore
Contact:

Postby mejam » Mon Dec 01, 2008 10:36 am

#iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128

my rule is this...can u please tell me the DNAT rule ...?
Regards

Abdulrehman

mudasir
Captain
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Location: Dubai
Contact:

Postby mudasir » Mon Dec 01, 2008 1:12 pm

AOA,

Please check whether the squid version installed supports transparent proxy or not. You can check this by following command

Code: Select all

If using default installed squid
[root@server1 $] squid -v

If using a compiled version on default path
[root@server1 $] /usr/local/squid/sbin/squid -v


If the output contains something with linux-net-filter then squid has transparent proxy.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com

mejam
Havaldaar
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
Location: Lahore
Contact:

Postby mejam » Mon Dec 01, 2008 3:20 pm

my squid does not support transparent proxy...thats why i am after IP tables...
Regards

Abdulrehman

shakirz1
Battalion Quarter Master Havaldaar
Posts: 207
Joined: Sat Aug 09, 2003 5:00 pm
Location: Karachi
Contact:

Postby shakirz1 » Mon Dec 01, 2008 3:22 pm

IPTABLES="/sbin/iptables "
INTSUB="10.10.0.0/255.255.252.0"
SERVERIP="10.10.0.1"
INTDEV="eth1"

$IPTABLES -t nat -A PREROUTING -s $INTSUB -i $INTDEV -p tcp -m multiport --dports 80,3128 -j DNAT --to-destination=$SERVERIP:8080

mejam
Havaldaar
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
Location: Lahore
Contact:

Postby mejam » Mon Dec 01, 2008 3:34 pm

tried this but its not working...
Regards

Abdulrehman

mudasir
Captain
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Location: Dubai
Contact:

Postby mudasir » Mon Dec 01, 2008 3:44 pm

AOA,

In that case you should follow the DNAT method by shakir bhai. It will solve your problem.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com

mejam
Havaldaar
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
Location: Lahore
Contact:

Postby mejam » Tue Dec 02, 2008 11:34 am

I managed to figure it out with the help of mudassir.....firewall was ok..problem was with squid...i had squid stable6 and that was too old and did not supported netfilters...i updated it to stable18 and now everything is fine...
Regards

Abdulrehman


Return to “Administration”

Who is online

Users browsing this forum: No registered users and 2 guests