squid as transparent in RHEL 4
i will say again according to rhel manuals and books that i have explored they called it with the name of iptables service in many places.. I am totally understanding your logics that you giving and totally understand what is a daemon but are you asking to me accept rhel peoples are stupid enough to call it a service!
I talked with you along with references here i give you again where author naming it as a service.
http://www.redhat.com/docs/manuals/linu ... ables.html
Activating the iptables Service!
Now you want me to refuse this whole enterprise distribution???
and Yes No More Argues on That Because I am totally convinced with your signature!a
I talked with you along with references here i give you again where author naming it as a service.
http://www.redhat.com/docs/manuals/linu ... ables.html
Activating the iptables Service!
Now you want me to refuse this whole enterprise distribution???
and Yes No More Argues on That Because I am totally convinced with your signature!a
-
- Naik
- Posts: 60
- Joined: Wed Oct 05, 2005 12:37 pm
AoA!
I got this rules from command "iptables -t nat -L".
<<<Quote>>>>
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 8080
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 194.9.100.0 anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
<</Quote>>
Thanks
I got this rules from command "iptables -t nat -L".
<<<Quote>>>>
target prot opt source destination
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 8080
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 194.9.100.0 anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
<</Quote>>
Thanks
-
- Naik
- Posts: 60
- Joined: Wed Oct 05, 2005 12:37 pm
AOA,
I beg you guyz please dont finght... i am sorry that i mistakenly wrote something that i should not have written without doing a complete research on that, i can never argue with Mr.Lambda as he is very much senior and have more experience then me.
I am sorry again, all this started becasue of me.
I beg you guyz please dont finght... i am sorry that i mistakenly wrote something that i should not have written without doing a complete research on that, i can never argue with Mr.Lambda as he is very much senior and have more experience then me.
I am sorry again, all this started becasue of me.
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
it's all very simple.
smtp is a service, and sendmail (or postfix) is its server and outlook is its client.
http is a service, and apache (or iis) is its server and firefox is its client.
snmp is a service, and snmpd is its server and snmpnetstat is its client.
iptables is a service, and _____ is its server, and ____ is its client.
can anyone fill in the blanks with something reasonable?
iptables is not a service, just like "mv" or "ls" aren't services.
smtp is a service, and sendmail (or postfix) is its server and outlook is its client.
http is a service, and apache (or iis) is its server and firefox is its client.
snmp is a service, and snmpd is its server and snmpnetstat is its client.
iptables is a service, and _____ is its server, and ____ is its client.
can anyone fill in the blanks with something reasonable?
iptables is not a service, just like "mv" or "ls" aren't services.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
I do not see any fight except that lambda is bent upon making what they say " Demagh - ki - Dahi " . What he is saying is correct yet you guys are also not wrong in quoting what you read.
I am not a guru like lambda still I can try to give you guys a hint.
IP Tables are user level access to change filtering mechanism of Kernel and remember kernel is not a Daemon [ a Daemon runs over some kernel and if we say kernel is a daemon then kernel runs over what ? ]
Now if some one would make a "Lassi" of that " Dahi" then some butter would come up .
Google is your friend!
I am not a guru like lambda still I can try to give you guys a hint.
IP Tables are user level access to change filtering mechanism of Kernel and remember kernel is not a Daemon [ a Daemon runs over some kernel and if we say kernel is a daemon then kernel runs over what ? ]
Now if some one would make a "Lassi" of that " Dahi" then some butter would come up .
Google is your friend!
mudasir wrote:AOA,
I beg you guyz please dont finght...
AOA,
Dear majidnazeer,
In your squid.conf file try to add these lines, below configuration is made on assumption that squid is running on port 8080 and is on the same macine.
Then run these IPTABLES rules.
Do let us know if it works for you or not.
Dear majidnazeer,
In your squid.conf file try to add these lines, below configuration is made on assumption that squid is running on port 8080 and is on the same macine.
Code: Select all
http_port 8080 transparent
http_port 80 vport vhost
Code: Select all
NETWORK="eth0"
INTERNET="eth1"
LOC_IP="192.168.0.1/24"
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o $INTERNET -p ALL -j MASQUERADE
iptables -t nat -A PREROUTING -i $NETWORK -s $LOC_IP -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i $NETWORK -s $LOC_IP -p udp --dport 80 -j REDIRECT --to-port 8080
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
I consider he is using Squid 2.5 stable 6 that comes built in with rhel4 so those options won't work. He has to use httpd_accelerator options for making it transparent.mudasir wrote:AOA,
Code: Select all
http_port 8080 transparent http_port 80 vport vhost
AOA,
Dear Usman,
In his first post he stated
Dear Usman,
In his first post he stated
I installed squid 2.6 stable 17 on RHEL 4. But squid not run as transparent proxy whenever i installed same squid on fedor2 that worked fine as transparent proxy or proxy
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
Sorry forgot about that! Then as far as i can guess he must have made some problem while compiling the source code. why don't he give up the outcome of
Code: Select all
squid -v