How to use Squid with load balancing scripts

Taking care of your Linux box.

How to use Squid with load balancing scripts

Postby mejam » Fri Nov 28, 2008 8:15 pm

Dear All,
I am running CentOS5.2 and i have done load balancing through scripting...I have my LAN on ETH0 and two DSLs at ETH1 and ETH2...i have configured squid too...i dont want my users to manually give proxy in their browsers...thats why i used iptables to redirect port 80 to 3128...my clients are on winXP...they give the IP of my centos server in their gateway...but no browsing at all...i have NAT ETH1 and ETH2 both...if i disable this port redirection rule...every thing works but when i enable this redirection rules...every thing stops...Please help....!
Regards
Abdulrehman
mejam
Havaldaar
 
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
WLM: bmw1000cc@hotmail.com
Yahoo Messenger: vagabond_aw@yahoo.com
Location: Lahore

Postby shakirz1 » Sat Nov 29, 2008 11:01 am

instead of redirect use DNAT ip:port of squid, it will solve your problem.
shakirz1
Battalion Quarter Master Havaldaar
 
Posts: 207
Joined: Sat Aug 09, 2003 5:00 pm
Website: http://www.fattanis.cjb.net
WLM: shakirz1@hotmail.com
Yahoo Messenger: shakirz1@yahoo.com
Location: Karachi

Postby mejam » Mon Dec 01, 2008 10:36 am

#iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128

my rule is this...can u please tell me the DNAT rule ...?
Regards

Abdulrehman
mejam
Havaldaar
 
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
WLM: bmw1000cc@hotmail.com
Yahoo Messenger: vagabond_aw@yahoo.com
Location: Lahore

Postby mudasir » Mon Dec 01, 2008 1:12 pm

AOA,

Please check whether the squid version installed supports transparent proxy or not. You can check this by following command

Code: Select all

If using default installed squid
[root@server1 $] squid -v

If using a compiled version on default path
[root@server1 $] /usr/local/squid/sbin/squid -v


If the output contains something with linux-net-filter then squid has transparent proxy.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai

Postby mejam » Mon Dec 01, 2008 3:20 pm

my squid does not support transparent proxy...thats why i am after IP tables...
Regards

Abdulrehman
mejam
Havaldaar
 
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
WLM: bmw1000cc@hotmail.com
Yahoo Messenger: vagabond_aw@yahoo.com
Location: Lahore

Postby shakirz1 » Mon Dec 01, 2008 3:22 pm

IPTABLES="/sbin/iptables "
INTSUB="10.10.0.0/255.255.252.0"
SERVERIP="10.10.0.1"
INTDEV="eth1"

$IPTABLES -t nat -A PREROUTING -s $INTSUB -i $INTDEV -p tcp -m multiport --dports 80,3128 -j DNAT --to-destination=$SERVERIP:8080
shakirz1
Battalion Quarter Master Havaldaar
 
Posts: 207
Joined: Sat Aug 09, 2003 5:00 pm
Website: http://www.fattanis.cjb.net
WLM: shakirz1@hotmail.com
Yahoo Messenger: shakirz1@yahoo.com
Location: Karachi

Postby mejam » Mon Dec 01, 2008 3:34 pm

tried this but its not working...
Regards

Abdulrehman
mejam
Havaldaar
 
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
WLM: bmw1000cc@hotmail.com
Yahoo Messenger: vagabond_aw@yahoo.com
Location: Lahore

Postby mudasir » Mon Dec 01, 2008 3:44 pm

AOA,

In that case you should follow the DNAT method by shakir bhai. It will solve your problem.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
mudasir
Captain
 
Posts: 565
Joined: Tue Oct 17, 2006 5:23 am
Website: http://www.crystalnetworks.org
Location: Dubai

Postby mejam » Tue Dec 02, 2008 11:34 am

I managed to figure it out with the help of mudassir.....firewall was ok..problem was with squid...i had squid stable6 and that was too old and did not supported netfilters...i updated it to stable18 and now everything is fine...
Regards

Abdulrehman
mejam
Havaldaar
 
Posts: 127
Joined: Sat Oct 18, 2008 12:30 pm
WLM: bmw1000cc@hotmail.com
Yahoo Messenger: vagabond_aw@yahoo.com
Location: Lahore


Return to “%s” Administration

Who is online

Users browsing this forum: No registered users and 1 guest

cron