-   Linux - Networking (
-   -   NAT/Squid/Dansquradian -HELP! (

pworcester 04-16-2009 04:59 PM

NAT/Squid/Dansquradian -HELP!

I'm running a multi-home linux server that uses nat to pass my workstations to the web.

eth0 - - public side
eht1 - - private side

I've installed squid 3.0 and dansguardian 2.10 and nothing is filtering or being recorded in either the squid access.log or the dansguardian access.log

Here is my iptables config:

/sbin/modprobe iptable_nat
/usr/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/usr/sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
/usr/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
/usr/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080


billymayday 04-16-2009 05:09 PM

Don't you want your redirect from eth1?

Also, have you allowed forwarding (echo "1" > /proc/sys/net/ipv4/ip_forward"

What happens if you connect directly to 8080 rather than 80?

pworcester 04-16-2009 06:13 PM

That worked!
ip_forward was already set as I was NATing successfully. I changed the eth0 to eth1 and it started writing to the logs, both squid and dansguardian. I was then getting ACCESS DENIED from squid. I hammered throught the squid.conf and allowed access and now it's working!


All times are GMT -5. The time now is 09:49 PM.