Go Job Hunting at the LQ Job Marketplace
Go Back > Forums > Linux Forums > Linux - Server
User Name
Linux - Server This forum is for the discussion of Linux Software used in a server related context.


  Search this Thread
Old 01-06-2009, 11:38 PM   #1
Registered: Jan 2009
Location: India
Distribution: fc9 x86_64
Posts: 35

Rep: Reputation: 15
squid! not able to route clients through proxy

i have a pc with 2 nics

eth0 external lan ip - connected to dsl modem
eth1 internal lan ip - connected to switch

i am running fc 9

i have installed squid with following settings:


dns_nameservers (it is modem ip)


acl manager proto cache_object

acl localhost src

acl to_localhost dst

acl SSL_ports port 2083 443 563

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 2083 443 563 # https, snews

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http



acl internal_network src

http_access allow internal_network

http_access allow localnet


clients are running win xp
clients gateway is
and dns

starting squid and configuring localhost browser to proxy settings

now my localhost traffic is being cached
but not able to connect internet from clients
all requests return packets "destination host unrechable"

* i have not made any changes to the iptables

please help me.

Old 01-07-2009, 03:24 AM   #2
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971Reputation: 1971
phrases like "destination host unreachable" "route" and "packets" suggests that you're trying to ping remote servers (or similar), rather than access web content. squid is a web proxy, not a router, it can not route traffic for your clients at all. if that's just unfortunate language, what does the squid access_log and error_log say?
Old 01-07-2009, 07:42 AM   #3
Registered: Jan 2009
Location: India
Distribution: fc9 x86_64
Posts: 35

Original Poster
Rep: Reputation: 15
i am sorry for the foul language and my choice of words acid

there is no error in the access log or cache.log

the "dest host unreachable" is what return packets to clients from the server read, i monitored it on WIRESHARK.

1231335295.436 RELEASE -1 FFFFFFFF 0D9D27251AB2D8F7323169C799D32726 200 1231334964 1193963761 271080000 image/gif 35/35 GET
is what last line in store.log

1231335295.436 925 TCP_MISS/200 507 GET - DIRECT/ image/gif
is the last line in the access.log is the server ip on the internal network
i have configured the server's mozilla to use proxy and it is doing so perfectly.

do i need to do some kind of packet forwarding from eth0 to eth1 or vice versa for enabling the clients?

please help


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
configure squid proxy with cc proxy as a parent proxy faisi Linux - Networking 1 08-10-2010 01:16 PM
configure squid proxy with microsoft proxy as a parent proxy nintykola Linux - Software 1 08-28-2007 01:38 AM
Access authenticating FTP sites using FTP Clients on XP clients via SQUID munirg2003 Linux - Networking 2 06-12-2007 10:58 PM
Citrix Clients Behind Squid Proxy jamminblue Linux - Networking 0 02-16-2005 10:03 AM

All times are GMT -5. The time now is 12:30 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration