LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 05-24-2012, 09:24 AM   #1
skc
LQ Newbie
 
Registered: Jan 2010
Posts: 20

Rep: Reputation: 0
Squid and IPTABLES in CentOS 6.2


Hi All,

Here is my scenerio, I have two network in the office.
LAN1: 192.168.0.0/24
LAN2: 172.16.0.0/16

I have configured a machine with following:
eth0 has IP of 192.168.0.1 and can communicate to Internet
eth1 has IP of 172.16.0.1

squid/iptables has been installed on the machine.

I have webserver also which is configured at 192.168.0.2.

Now I need help to configure iptables for following:

1. all hosts of 172.16.0.0/16 can browse internet by redirecting 80 port to 3128 port to 172.16.0.1:3128.
2. No proxy connection from 172.16.0.0/16 to 192.168.0.0/24. (Direct Connection).
3. not to seen PROXY while check with http://www.whatismyip.com

regards
sunil
NEPAL
 
Old 05-24-2012, 09:40 AM   #2
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 1,821

Rep: Reputation: Disabled
Quote:
Originally Posted by skc View Post
1. all hosts of 172.16.0.0/16 can browse internet by redirecting 80 port to 3128 port to 172.16.0.1:3128.
2. No proxy connection from 172.16.0.0/16 to 192.168.0.0/24. (Direct Connection).
You can accomplish 1 with a simple REDIRECT rule. Put an ACCEPT rule right before it with 172.16.0.0./16 as source and 192.168.0.0./24 as destination, and you've taken care of 2. Untested:
Code:
iptables -t nat -A PREROUTING -s 192.168.0.0/24 -d 172.16.0.0/16 -j ACCEPT
iptables -t nat -A PREROUTING -s 192.168.0.0/24 -p tcp --dport 80 -j REDIRECT --to-ports 3128
For the above to work, squid must be configured as a transparent proxy.
Quote:
Originally Posted by skc View Post
3. not to seen PROXY while check with http://www.whatismyip.com
What exactly do you mean? Do you want to suppress the HTTP headers, or do you want proxied HTTP requests to originate from the client IP rather than that of the proxy server?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Redirecting trasparent squid traffic to squid by using iptables imran76 Linux - Security 1 03-13-2012 07:49 AM
Squid Proxy in CentOS hans_bug Linux - Newbie 8 05-31-2011 08:03 PM
Squid Configuration for Centos 5.5 gambitsquid Linux - Newbie 2 09-20-2010 04:47 AM
WHich squid for CentOS? qwertyjjj Linux - Server 12 08-04-2009 10:52 AM
[CentOS] Squid, iptables, dhcp server ? prixone Linux - Newbie 0 01-18-2008 12:37 AM


All times are GMT -5. The time now is 06:45 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration