Thanks for all the great help.
But, ny setup isn't working. Please help.
I've installed a second NIC.
eth0 is set to static 10.0.0.1 255.0.0.0 DG 10.0.0.2 (the DSL router's IP) and connected to one of the ports on the DSL router.
eth1 is set to static 10.0.0.10 255.0.0.0 DG 10.0.0.2 and connected to the router of my local LAN (range 10.0.0.0/8)
The contents of my squid file looks like this:
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
acl home_network src 10.0.0.0/8
acl BadSites dstdomain "usr/local/etc/restricted-sites.squid"
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access deny BadSites
http_access allow home_network
http_access allow localhost
http_access deny all
icp_access allow all
http_port 3128 transparent
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
I've left a lot of the settings on default. I've followed a lot of the recommendations from an article on Linux Home networking (http://www.linuxhomenetworking.com/w...ess_with_Squid
My problems were:
1) I've lost internet connectivity from the squid box as well as from all the clients.
2) The squid's network config seemed as if it was losing an IP. When I ifconfiged, it showed as set above. After pinging several ips in my network, ifconfig suddenly reported eth1 as 169.254 ip (apipa address). How and/or why does eth1's static IP get changed to an APIPA address?
3) Is my default gateway correct as being the DSL router (10.0.0.2).
4) Should the proxy settings in my clients browsers be eth1 (internal) or eth0 (dsl router)?
5) Do I need to set iptables and firewall as described in above article? I don't need to use transparant proxy?
6) Where do I change the hostname of my squid box, which is now set to localhost?
7) Will someone also confirm that my squid.conf is correct. I did setup the ncsa_authorisations.
Thanks for all the help so long.