squid as transparent in RHEL 4
I installed squid 2.6 stable 17 on RHEL 4, but squid does not run as a transparent proxy, whereas when I installed the same squid on Fedora 2 it worked fine as a transparent proxy or proxy.
Is it a problem with RHEL 4? Can anybody help me?
I use the configuration below in squid and rc.local.
http_port 192.168.0.1:8080 transparent
iptables -t NAT -A POSTROUTING -s 192.168.0.1 -o eth1 -j MASQUERADE
iptables -t NAT -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
eth1=ISP ip
eth0=local ip
Thanks
Majid
dunno. i have pretty much the same thing, and it works for me:
http_port 192.168.0.67:3128 transparent
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
does "squid -v" say "--enable-linux-netfilter"?
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?
AOA,
Dear majidnazeer,
The rules stated by you and Mr. Lambda, these rules always work. If they are not working, please paste your complete IPTABLES rules, there might be something wrong in your rules...
Kind Regards
Mudasir Mirza (RHCE)
(+971)55-1045754
http://www.crystalnetworks.org
http://www.diglinux.com
posting a question and answering it yourself as well. if you are so sure then why did you post?? the problem is not your rhel box but in your configuration. why don't you run
/sbin/iptables -t nat -L
and paste the results here, as well as your squid conf. and i would like to know whether you have installed the squid that comes built in with rhel or just compiled it yourself.
AOA,
Dear majidnazeer,
As i said without looking into your IPTABLES rules, no one can tell you what is the problem.
You can also check whether IPTABLES service is running or not. And if it is not running then just start the service then apply these rules, and see whether they work or not.
Kind Regards
Mudasir Mirza (RHCE)
iptables is not a service. stop calling it that!
lambda wrote:
> iptables is not a service. stop calling it that!
What would you like to call it a Daemon?
ok it is not a service then in RHEL why we say
# service iptables start/stop/restart
is there any difference between Daemon/Service ????
You need to consult your RHCE books again about which am sure you are not certified!
AOA,
Dear Usman and Lambda,
I think we should try to solve the problem rather than just argue in this little misconfusion created by ME....
To clear some things up..
iptables ---> is the service
/sbin/iptables ---> is the daemon.
A ‘daemon’ is a software process that runs in the background (continuously) and provides the service to client upon request.
Difference Between Service and Daemon
So, i think i was correct
To the main problem, Dear majidnazeer, please post your iptables rules so that we try to solve your problem.
Kind Regards
Mudasir Mirza (RHCE)
hi all!
i use the below-mentioned rules in rc.local.
<<Quote>>
touch /var/lock/subsys/local
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.0.0 -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
/usr/local/squid/sbin/squid
<</Quote>>
Thanks
Majid
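The checks raised in this thread (interception support in the squid build, the nat rules, the http_port line) can be run as a lint pass over rc.local-style rule lines. This is an added example and not part of any post; the function names are hypothetical, and treating eth0 as the LAN interface follows the first post and is an assumption.

```sh
#!/bin/sh
# Added example, not from the thread; function names are hypothetical.

# squid.conf on stdin -> port of the first http_port line marked "transparent".
squid_intercept_port() {
    awk '$1 == "http_port" && /transparent/ { n = split($2, a, ":"); print a[n]; exit }'
}

# "squid -v" output on stdin -> success if interception support was compiled in.
has_netfilter() { grep -q -e '--enable-linux-netfilter'; }

# lint_rules LAN_IF SQUID_PORT: iptables commands on stdin, one finding per line.
# The body is a subshell so "set -f" and the variables do not leak to the caller.
lint_rules() (
    lan_if=$1; port=$2; seen=0
    set -f                                  # keep rule text from being glob-expanded
    while IFS= read -r line; do
        case $line in *iptables*) ;; *) continue ;; esac
        table=; in_if=; src=; to=; target=; prev=
        for w in $line; do                  # remember the word that follows each option
            case $prev in
                -t) table=$w ;; -i) in_if=$w ;; -s) src=$w ;; -j) target=$w ;;
                --to-port|--to-ports) to=$w ;;
            esac
            prev=$w
        done
        # Table names are case-sensitive: the kernel table is "nat", not "NAT".
        lc=$(printf '%s' "$table" | tr 'A-Z' 'a-z')
        if [ "$table" != "$lc" ]; then echo "table-case: -t $table should be -t $lc"; fi
        # An address without /mask means one host (/32), even if it ends in .0.
        case $src in
            */*) ;;
            *.0) echo "src-mask: -s $src has no netmask and matches one host only" ;;
        esac
        if [ "$target" = REDIRECT ]; then
            seen=1
            [ "$in_if" = "$lan_if" ] || echo "redirect-if: -i $in_if is not the LAN interface $lan_if"
            [ "$to" = "$port" ] || echo "redirect-port: rule sends to ${to:-?}, squid listens on $port"
        fi
    done
    if [ "$seen" -eq 0 ]; then echo "no-redirect: no REDIRECT rule found"; fi
)

# Rule lines as posted in the thread; treating eth0 as the LAN side is an assumption.
SAMPLE_RULES='iptables -t NAT -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A POSTROUTING -s 192.168.0.0 -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080'
squid_port=$(printf '%s\n' 'http_port 192.168.0.1:8080 transparent' | squid_intercept_port)
printf '%s\n' "$SAMPLE_RULES" | lint_rules eth0 "$squid_port"
```

On a live box the same functions take `squid -v`, the real squid.conf and the rc.local lines as input instead of the embedded samples.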
did this outcome come from
iptables -t nat -L
I am sure it's not!
x2oxen wrote:
> What would you like to call it a Daemon?
wow, not only don't you understand what a "service" is, you don't even know what a "daemon" is. how'd you get so far without learning that?
> ok it is not a service then in RHEL why we say
> # service iptables start/stop/restart
> is there any difference between Daemon/Service ????
tell me, ox, if it's a service (or a daemon, whatever you prefer), what process runs continuously when you use iptables?
why don't you come out and actually define what a daemon (or service) is on linux? can you do that? no, you CAN'T.
> You need to consult your RHCE books again about which am sure you are not certified!
who cares what rhel/rhce/fedora say about linux? redhat is not the only linux distribution out there! i don't need to consult any "books" because i've used linux and unix since before redhat existed as a company! you know NOTHING!
mudasir wrote:
> To clear some things up..
> iptables ---> is the service
> /sbin/iptables ---> is the daemon.
you are incorrect. /sbin/iptables is not a daemon. when you set some rules using iptables, and then you run "ps auxww", do you see iptables running in the background?
instead of blindly pasting links to web pages, try to actually take the time to read them.
> who cares what rhel/rhce/fedora say about linux? redhat is not the only linux distribution out there! i don't need to consult any "books" because i've used linux and unix since before redhat existed as a company! you know NOTHING!
I think you should know 1st we are discussing about RHEL squid issue here but not any other distribution.
> tell me, ox, if it's a service (or a daemon, whatever you prefer), what process runs continuously when you use iptables?
> why don't you come out and actually define what a daemon (or service) is on linux? can you do that? no, you CAN'T.
I can define a daemon or service for sure but not for you. In addition for your information Red Hat is calling iptables a SERVICE
http://www.redhat.com/docs/manuals/linu ... ables.html
Still not agree then
IPTABLES SERVICE
IPTABLES SERVICE
IPTABLES SERVICE
Who cares you mind that
x2oxen wrote:
> I think you should know 1st we are discussing about RHEL squid issue here but not any other distribution.
as if squid on rhel is any different from squid on any other distribution. irrelevant!
> In addition for your information Red Hat is calling iptables a SERVICE
again with the stupid redhat definitions. just because redhat considers anything you start or stop using the "service" command a service doesn't mean it's actually a service. you can run "service ntpdate start" but there is no ntpdate service, just like there's no iptables service. you could also run "/etc/init.d/ntpdate start", because that's all that "service ntpdate start" does -- would you still claim it's a service? (knowing your lack of a logical approach to problems, probably yes.)
do you honestly believe that redhat invented the term "service"? and no, i don't believe you can define what a service or a daemon is, at least in the context of unix/linux.
> Who cares you mind that
as per my signature, you're not worth arguing with any more.
Watch out for the Manners Taliban!
Isn't it amazing how so many people can type "linuxpakistan.net" into their browsers but not "google.com"?