LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 10-30-2003, 04:41 PM   #1
freelinuxcpp
Member
 
Registered: Jul 2003
Posts: 129

Rep: Reputation: 15
Route a private LAN with 1 NIC


hello everybody
that's what i have :
1 machine whith a public ip and 1 NIC
i set a proxy ( squid ) in tis machine and now all publics IPs can use it but now i need to set this cache server for my lan also , i have a lan with 192.168.10.x addresse i set an alias to my NIC
(ifconfig eth0:0 192.168.10.1) but now i need to route this ip to get my lan able to use this squid
thanx to any help
 
Old 10-31-2003, 11:21 AM   #2
zaphodiv
Member
 
Registered: Oct 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 30
>now all publics IPs can use it
Uh, providing a proxy that everyone on the internet can use my not be such a good idea..

Does the box that is running squid have a 192.168 address. It may be easiest to give it one and have the machines on the private lan access the proxy on its 192.168 address.
If you want the lan machines to be able to reach the public address then each lan machine has to have its routing table set to send traffic for that ip to the squid machine, either by setting th default gateway or by adding a subnet entry. If they get an ip by dhcp you might be able to get the dhcp server to give out the required gateway address.
 
Old 10-31-2003, 11:34 AM   #3
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 76
You also need to set the sysctl to forward packets to route between two subnets.

By the way, running Squid open to the world is a HORRIBLE idea. Many spammers and crackers use open proxies to attack other individuals or entities. Many IRC channels scan for open proxies and will not allow you to connect if you have one. Many ISPs scan their own customers and will shut you down if you have an open proxy. Finally, many anti-spam sites look for open proxies, then put the IP subnet on a "Realtime Blackhole List" at which point anyone subscribing to that RBL will no longer accept mail from you. If this RBL is big enough, your ISP will notice that they can't send mail to certain sites any more and will contact the RBL to see why they were blacklisted, which will point back to you. Not exactly a situation you want to be in, eh? Do everyone a huge favor and turn it off now. Proxies should be on PRIVATE networks (or virtually private).
 
Old 10-31-2003, 12:01 PM   #4
zaphodiv
Member
 
Registered: Oct 2003
Distribution: Slackware
Posts: 388

Rep: Reputation: 30
>You also need to set the sysctl to forward packets to route between two subnets.

Which probably means an entry like
enable_forward=yes in a config file somewhere or a tick in
the configuation program depending on which distro you use.
 
Old 11-01-2003, 06:05 AM   #5
freelinuxcpp
Member
 
Registered: Jul 2003
Posts: 129

Original Poster
Rep: Reputation: 15
ok thank you all for all
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
cannot reach internet from private LAN toodr Linux - Networking 12 10-23-2005 08:44 PM
Private LAN setup with redhat 9 help ezeke1 Linux - Networking 24 11-18-2004 06:27 AM
routing issue :- have a simple private LAN, with.... inode100 Linux - Newbie 4 02-23-2004 04:52 PM
routing issue :- have a simple private LAN, with.... inode100 Linux - Networking 10 02-22-2004 03:06 PM
Multiple NIC cards - public and private IPs harryinjapan Linux - Networking 2 12-02-2001 05:25 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 07:36 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration