LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 01-28-2010, 05:58 AM   #1
ashishkhandelwal
Member
 
Registered: Jan 2010
Posts: 34

Rep: Reputation: 15
Problem with squid server installation


I have installed squid proxy server at server side so that all PCs connected to the server will access internet through it.I have made changes in squid.conf file also.I have added these two lines:-
acl localnet src 192.168.0.167 192.168.0.0-192.168.0.250/255.255.255.0
http_access allow localnet
But all the PCs connected to LAN are not able to connect to internet.I am using correct gateway IP at all PCs.

I have created a script as per instructions given on internet.That script is as following:-

INTIF="eth1"
EXTIF="eth2"
EXTIP="192.168.0.167"
/sbin/depmod -a
/sbin/modprobe ip_tables
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_conntrack_irc
/sbin/modprobe iptable_nat
/sbin/modprobe ip_nat_ftp
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F
iptables -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT
iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

Now when i am running this script at server side then all the PCs connected to LAN are able to access internet although squid service is stopped.But i only want all the PCs should access internet through SQUID so that i can track their record and manage them.What is the solution of my problem???What changes should i need to do.Is my problem related to firewall or iptables as i have no idea regarding them.Please solve my issue.
 
Old 01-28-2010, 06:48 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,398

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
You're using an illegal ACL format... that's an IP range AND a subnet crammed into a single line. Is quid not complaining about this? Additionally you've not said what actually happens. What happens on the client?? what happens on the server?? "It don't work" is not a sufficient amount of information to provide.

Also looks like your iptables is completely backwards. Your "local" network is set as your external interface, so any masquerading will not work. None of that should matter in the slightest here though, just disable iptables for testing squid.
 
Old 01-28-2010, 10:25 PM   #3
ashishkhandelwal
Member
 
Registered: Jan 2010
Posts: 34

Original Poster
Rep: Reputation: 15
I have corrected my acl format and now there is no error in that.Second thing is that i have already told that the internet is working fine at client side when i am using the above mentioned script whether squid is on or off.I am not able to find out which client has accessed which websites and downloaded what things as access logs are not generating.I have no idea about iptables so how can i disable the iptables.
 
Old 01-29-2010, 12:44 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,398

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
What are you actually trying to acheive? natting or proxying? It sounds a lot like you don't really understand what you're doing to any real extent. "The internet" told to you make that script?? care to expand on that?
 
  


Reply

Tags
server, squid


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid source code installation problem gulnawaz Linux - Server 3 12-03-2009 10:30 AM
Problem with configuration of Squid server behind a squid ajitup Linux - Server 13 08-12-2009 10:55 PM
squid Guard installation problem hariiyer Linux - Software 2 12-15-2007 04:41 AM
squid Guard installation problem hariiyer Linux - Software 3 03-26-2005 07:08 AM
Problem Squid Proxy Installation cyberM Linux - Software 1 11-21-2004 09:44 PM


All times are GMT -5. The time now is 07:40 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration