LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 02-09-2005, 10:53 PM   #1
cth3
LQ Newbie
 
Registered: Feb 2005
Posts: 5

Rep: Reputation: 0
iptables, DansGuardian, and Squid.


Hello I am trying to setup DansGuardian and Squid with no luck. Could some one please help me with my iptables config?

I am using Nat

eth1 is my public IP 63.119.169.XX
eth0 is my private IP 192.168.1.254

I am trying to set it up so all http requests on port 80 are sent to a transparent proxy (port 3128) and to DansGuardian (port 8080)

Here is the sample config from the site, however I cannot figure out how to change it so my NAT will still work.

Once you have Squid and DansGuardian set up, the final step is to implement a transparent proxy using iptables. Use the following commands at the command line to add rules to the firewall to allow the user squid to access both the Internet and the Squid proxy we set up.

iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner squid -j ACCEPT

iptables -t nat -A OUTPUT -p tcp --dport 3128 -m owner --uid-owner squid -j ACCEPT


The next command redirects Internet traffic from all users, other than squid and any exempt users, to the filter on port 8080:

iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 8080

Since we have a proxy server set up, a user could configure a Web browser to bypass the filter and access the proxy directly. The Squid proxy is listening for requests from the computer, and it doesn't care which user sends the request. We could set up our firewall to deny all access to the proxy except from our filter, but let's be a little sneakier. Let's set it up so that direct requests to the Squid proxy server, except from our filter, get redirected through the filter. To do this, use the following command:

iptables -t nat -A OUTPUT -p tcp --dport 3128 -j REDIRECT --to-ports 8080




Any help would be great.
Thanks!
Toby
 
Old 02-10-2005, 09:04 AM   #2
cth3
LQ Newbie
 
Registered: Feb 2005
Posts: 5

Original Poster
Rep: Reputation: 0
So basicly Im looking for the iptables commands to setup NAT, Squid and DansGuard.

eth1 is my public IP 63.119.169.XX
eth0 is my private IP 192.168.1.254

Thanks in advance.
Toby
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Proxy won't let me connect, iptables, squid and dansguardian hindenbergbaby Linux - Networking 4 12-02-2009 03:45 AM
Dansguardian/Squid HELP! Prizam Linux - Software 3 09-23-2005 06:30 PM
squid and dansguardian safe ports gone nickcol11 Linux - Networking 0 12-21-2004 04:32 PM
DansGuardian/Squid/SquidGuardian problems :-( Sn7 Linux - Security 1 06-21-2004 09:22 AM
DansGuardian, Squid, and Firewall rules jwgeurk Linux - Networking 7 06-18-2004 02:26 AM


All times are GMT -5. The time now is 05:33 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration