Setting Up Squid : Mission Impossible
Hi Linux Champions.
I am new to linux, Yestaday Installed Mandriva 2007 Spring on Office Backup proxy Sever. I want to move from ISA to Linux Based Solutions. before setting up linux at office I thought why not find do it at home. So Far for last 36 Hours I am unable to do so. Here is my Senario. Mandriva Firewall is down meaning ping or any network based request approches Mandiva server easily. My Madriva Server has 2 Lan Cards. One connected to Internet via Cablenet having ip address 10.10.10.97/24 and DG: 10.10.10.10 My secound lan card has ip 192.168.0.1/24 Directly connected to My Laptop having ip 192.168.0.2/24 Issue is I cant make Squid run. I tried copying several sample squid.conf lines from other conf files but it didnt work. Even Mandriva GUI based Internet Sharing toll dont let me share the internet. can you please make a sample squid.conf sample for me so i can read it and learn to implement at my office. one more thing Squid was preinstalled in mandriva but i again downloded the new version and typed tar zxvf squid....gz then ./configure then make then make install. and tried squid -z but that too gave errors. I AM SOOOO CONFUSED!! Please Help |
well the default squid configuration file will work out of the box. we can't tell you what you want in it, unless you can provide us more information about what is not currently working. do you have any errors? check your squid log files...
|
It WORKED
I dont know what happened.
I tried a lot like service network restart after changing ips of lan card and service squid restart then using mandriva gui for net sharing. at the end i got fustrated and shutdown the pc. now after 1 hour i came back restarted the pc and guess what squid works my laptop can access the web. I dont have a clue how. here is my total squid.conf file please tell me where it is stated the direct net interface is 10.10.10.97/24 with GW:10.10.10.10 and client pc is 192.168.0.1. I know i changed first 2 lines. Quote:
Now thats my total squid file. can you tell me what this manager is ? and how to make this squid transparent? |
Quote:
Quote:
I'm sure your squid is already at 2.6STABLE. Then instruct your firewall to redirect all outgoing http (www) accesses to 127.0.0.1 port 3128 then remove any reference of proxy in all of your client's browsers. ----------- |
Hi
I was sick for last 1 week. any way thanks for answering about transparent squid. this statement you told me (http_port 127.0.0.1:3128 transparent) is it ok if i type is after http_port 192.168.0.1:3128 or b4 it?. 2nd can you tell me how i can redirect my outgoing firewall to loopback address 3128 port? |
Binding squid at 127.0.0.1 would made squid transparent to your clients and no settings are required on their browsers.
I'm no iptables zealot but an OpenBSD PF and lets hope that someone out there could help you do the port redirection. Code:
|
Redrawn:
Code:
|
exactly
what is this ipchanins command to redirect all browsers 80 port request to my machine and direct them to my dsl ipaddress. |
In your firewall box's iptables' rules, all you have to do is do a port forwarding or redirection of all outgoing http or www traffic to 127.0.0.1 at port 3128 then as well open outgoing http traffic through your external/public interface.
This guarantees that your clients would not be able to bypass your squid proxy server. I'm sorry, I don't have sound experience writing iptables since I'm an OpenBSD/PF user when it comes to firewall and proxy. Hope that someone reading this would lend you a hand. ----------- |
Dear Gani,
Can you help me setup squid if i install Freebsd ? i just want experience in Linux/Unix systems and learn other OS then Microsoft. i just downloaded freebsd 6.2 and i have extra old system :HP vectra system 1ghz 256ram 10gb hdd can you help me? Best Regards |
Dear Gani,
Can you help me setup squid if i install Freebsd ? i just want experience in Linux/Unix systems and learn other OS then Microsoft. i just downloaded freebsd 6.2 and i have extra old system :HP vectra system 1ghz 256ram 10gb hdd can you help me? Best Regards |
Sure! Though I'm recommending OpenBSD when it comes to firewall than FreeBSD and this is the one that I'm always using.
I like OBSD's PF (Packet Filter) ease of use and syntax and most of all, today's PF (the one with ver. 4.1) has been greatly improved and added with great speed. FreeBSD's port of PF was I thought taken from OBSD ver 3.7. Besides OBSD security track record is undoubted and this OS is the right one for firewall, ultra secure BIND DNS and other security-sensitive applications. In fact, undeadly.org has announced with great joy that the BIND server shipped with OBSD has not been affected with the latest BIND cache poisoning issue. Here is my contact: g4389@yahoo.com For OBSD starters: http://www.openbsd101.com --------- |
Dear Arbab Ali,
This is really a confession, last year I used TSL 2.2 (Trustix Secure Linux). I know its lite and secure also, but really gave me headache about the rpm itself. So I was searching for the best OS. I kept download ISO files, and burnt 'em to CD and tried it for couple weeks. But, none of them pleased me. One day, I asked in this forum about DG (dansguardian). And this person answered my doubts about BSD, he is Mr. Gani. He thought me everything about OpenBSD. And until now I neva search another OS around. And all my servers I change it one by one, now I'm using OpenBSD 4.1 for all servers. And here is my website powered by OpenBSD. http://www.melwin.web.id The DNS Server (BIND) its more secure than other BIND, you can read it here http://undeadly.org/cgi?action=artic...20070725193920 And also OpenBSD is well documented, so never worry about getting lost. |
Thx
WOW
You Guys at Linuxquestions are realy helpfull. ok ill download OBSD today. it will take me 2 days. so ill post day after 2marrow and inform you about the progress made. Thanks in Advance. Specialy You Dear Gani. Regards |
OBSD doesn't provide ISO installer. Instead, you will have to download a small CD ISO to be used to boot and start an FTP installation.
Simply follow the instructions at http://www.openbsd101.com or visit OpenBSD's FAQ. Then your thread regarding OBSD should go under the BSD forum. -------- |
All times are GMT -5. The time now is 03:31 PM. |