LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-05-2004, 12:27 PM   #1
Steve2001
LQ Newbie
 
Registered: Sep 2004
Location: England
Distribution: Suse 9.1
Posts: 19

Rep: Reputation: 0
Can my Linux box be used as a transparent proxy on the LAN side of my router?


I'm not sure if I am being a complete idiot with this question, but I have done a lot of reading about transparent proxy servers using Squid but I am still not certain about one thing.

I have two PCs one running XP (for use by the children) and one SuSE 9.1, a cable modem and a NetGear wgr614v4 router.

I would like to carry out some content filtering on the Internet traffic to the Windows machine.

So I thought: I would use the Linux machine as a proxy server running Squid and DansGuardian so as all access to the Internet from either machine is via DansGurdian->Squid. The router will be connected to the cable modem and both PCs will be on the LAN side of the router.

I can set most of this up OK and can get the Windows box to use the Linux box for Internet access, however, I would like to force the Windows box to use the Linux box, i.e. unless the Windows machine is set to use the Linux box as a proxy server it will not get any Internet access.

I can get the Windows box to use the Linux box a a proxy but what stops the Windows user accessing the Internet directly?

Some things can be done on the router itself, but I'm not sure they help. The router can be set to block Internet access from certain IP addresses, and I could do this but then the problem is how do I ensure the Windows machine always has a fixed IP address, i.e. one the user can't change? It seems possible to configure the router ( working as DHCP) to always give the same IP address to the same MAC address, but then the user could assign a static IP address and have network access!

My basic question is: Can the linux box be set up as a transparent proxy server that the Windows box HAS to use to get Internet access? Or, am I barking up the wrong tree and a transparent proxy server must sit between the router and the cable modem?

Thanks for any help.
 
Old 01-31-2005, 06:53 PM   #2
CoolAJ86
Member
 
Registered: Jan 2004
Location: VT, USA
Distribution: Gentoo, Ubuntu - t3h 1337 & the easy, respectively
Posts: 125

Rep: Reputation: 15
Have you had any luck with this? I'd like to hear the answer to that myself.
 
Old 02-01-2005, 04:04 AM   #3
Steve2001
LQ Newbie
 
Registered: Sep 2004
Location: England
Distribution: Suse 9.1
Posts: 19

Original Poster
Rep: Reputation: 0
I think it is possible if you are using XP pro or Win2000 pro since then you can set and fix the IP address as the administrator so as other users will be unable to chang ehte IP address then the router can be setup to refuse connections from the particular IP address.

I have not done this however, I now use the XP box for my self and have the other PC dual boot in to either Linux (for internet / e-mail activities via Dansgauardian and Squid) or Win 2000 Pro (for use of Office). I have as Admin on the Win 2000 setup disabled the network connection. It seems to work fine, but it was not really the solution I was looking for i.e. force a Windows machine to access the interent via a Linux proxy server on the LAN side of a router.

Let me know if you find out.
 
Old 02-01-2005, 06:08 AM   #4
CoolAJ86
Member
 
Registered: Jan 2004
Location: VT, USA
Distribution: Gentoo, Ubuntu - t3h 1337 & the easy, respectively
Posts: 125

Rep: Reputation: 15
sure thing
 
Old 02-01-2005, 11:59 AM   #5
andrewdodsworth
Member
 
Registered: Oct 2003
Location: United Kingdom
Distribution: SuSE 10.0 - 11.4
Posts: 347

Rep: Reputation: 30
If you configure your router to only allow access to the internet from the linux box on which Squid's running then that should do it. If the Windows users tries to access the internet directly it will fail. You can then configure the proxy in Windows and you don't need the transparent proxy stuff.
 
Old 02-01-2005, 12:12 PM   #6
Steve2001
LQ Newbie
 
Registered: Sep 2004
Location: England
Distribution: Suse 9.1
Posts: 19

Original Poster
Rep: Reputation: 0
Yea, that sounds like it will do the trick.

I can as admin pin down the IP address of the XP machine and as you say only allow the Linux box Internet access. I was barking up the wrong tree. Thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux Bricktop-->XP box-->LAN-->Proxy-->The World - but how? MooUK Linux - Networking 2 10-09-2005 04:51 PM
transparent internet/lan access through crossover through linux box Golovko Linux - Networking 3 03-04-2005 02:38 AM
Transparent access to linux machine on LAN Sinope Linux - Networking 2 09-27-2004 02:18 AM
static IP, a router, getting apache working ok Lan-side flippantfig Linux - Networking 2 06-04-2004 01:02 PM
Directly connecting RH9 box to ISP (cable), then off to a router to rest of lan? shirtboy Linux - Networking 7 11-18-2003 11:27 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:49 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration