Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-05-2004, 12:27 PM
|
#1
|
LQ Newbie
Registered: Sep 2004
Location: England
Distribution: Suse 9.1
Posts: 19
Rep:
|
Can my Linux box be used as a transparent proxy on the LAN side of my router?
I'm not sure if I am being a complete idiot with this question, but I have done a lot of reading about transparent proxy servers using Squid but I am still not certain about one thing.
I have two PCs one running XP (for use by the children) and one SuSE 9.1, a cable modem and a NetGear wgr614v4 router.
I would like to carry out some content filtering on the Internet traffic to the Windows machine.
So I thought: I would use the Linux machine as a proxy server running Squid and DansGuardian so as all access to the Internet from either machine is via DansGurdian->Squid. The router will be connected to the cable modem and both PCs will be on the LAN side of the router.
I can set most of this up OK and can get the Windows box to use the Linux box for Internet access, however, I would like to force the Windows box to use the Linux box, i.e. unless the Windows machine is set to use the Linux box as a proxy server it will not get any Internet access.
I can get the Windows box to use the Linux box a a proxy but what stops the Windows user accessing the Internet directly?
Some things can be done on the router itself, but I'm not sure they help. The router can be set to block Internet access from certain IP addresses, and I could do this but then the problem is how do I ensure the Windows machine always has a fixed IP address, i.e. one the user can't change? It seems possible to configure the router ( working as DHCP) to always give the same IP address to the same MAC address, but then the user could assign a static IP address and have network access!
My basic question is: Can the linux box be set up as a transparent proxy server that the Windows box HAS to use to get Internet access? Or, am I barking up the wrong tree and a transparent proxy server must sit between the router and the cable modem?
Thanks for any help.
|
|
|
01-31-2005, 06:53 PM
|
#2
|
Member
Registered: Jan 2004
Location: VT, USA
Distribution: Gentoo, Ubuntu - t3h 1337 & the easy, respectively
Posts: 125
Rep:
|
Have you had any luck with this? I'd like to hear the answer to that myself.
|
|
|
02-01-2005, 04:04 AM
|
#3
|
LQ Newbie
Registered: Sep 2004
Location: England
Distribution: Suse 9.1
Posts: 19
Original Poster
Rep:
|
I think it is possible if you are using XP pro or Win2000 pro since then you can set and fix the IP address as the administrator so as other users will be unable to chang ehte IP address then the router can be setup to refuse connections from the particular IP address.
I have not done this however, I now use the XP box for my self and have the other PC dual boot in to either Linux (for internet / e-mail activities via Dansgauardian and Squid) or Win 2000 Pro (for use of Office). I have as Admin on the Win 2000 setup disabled the network connection. It seems to work fine, but it was not really the solution I was looking for i.e. force a Windows machine to access the interent via a Linux proxy server on the LAN side of a router.
Let me know if you find out.
|
|
|
02-01-2005, 06:08 AM
|
#4
|
Member
Registered: Jan 2004
Location: VT, USA
Distribution: Gentoo, Ubuntu - t3h 1337 & the easy, respectively
Posts: 125
Rep:
|
sure thing
|
|
|
02-01-2005, 11:59 AM
|
#5
|
Member
Registered: Oct 2003
Location: United Kingdom
Distribution: SuSE 10.0 - 11.4
Posts: 347
Rep:
|
If you configure your router to only allow access to the internet from the linux box on which Squid's running then that should do it. If the Windows users tries to access the internet directly it will fail. You can then configure the proxy in Windows and you don't need the transparent proxy stuff.
|
|
|
02-01-2005, 12:12 PM
|
#6
|
LQ Newbie
Registered: Sep 2004
Location: England
Distribution: Suse 9.1
Posts: 19
Original Poster
Rep:
|
Yea, that sounds like it will do the trick.
I can as admin pin down the IP address of the XP machine and as you say only allow the Linux box Internet access. I was barking up the wrong tree. Thanks.
|
|
|
All times are GMT -5. The time now is 11:49 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|