Squid and Openvpn port to tunnel forwarding

edcelvista24 · 04-13-2016, 04:28 AM

Hello, Linux Geeks
I have a problem on using squid and openvpn
The Scenario is:

-SQUID is listening on port [3128] and [3129].
-Also Using OPenVPn i have tun0 and tun1 (as vpn tunnels w/ IPs).

NOW im trying to do is:
All Connection from port 3128 will goto tun0
and same as port 3129 will goto tun1. any suggestion thanks

cliffordw · 04-16-2016, 11:09 AM

Hi, and welcome!

I assume that tun0 and tun1 are your outgoing internet connections that SQUID should be using?

By "All Connection from port 3128 will goto tun0" do you mean you want all client connections connecting to port 3128 to use tun0 for the outgoing (web) traffic? If so, I don't think there is an easy way to identify this traffic. The challenge is that the connections don't come "from port 3128"; the clients (browsers) connect to that port, but SQUID then creates its own connection to the destination website, using a different (ephemeral) port number.

What is the purpose of the 2 SQUID ports? If they are handling different traffic types, that traffic might be a starting point for trying to solve your problem.

Good luck!

edcelvista24 · 04-16-2016, 07:56 PM

I used tcp_outgoing_address and targeting the IP of the network interface, but its going to the same tun. my problem now is how i can tell the squid to connect to a specific tun .Please help

cliffordw · 04-17-2016, 03:12 AM

Hi again,

What does your routing table look like? Are you using a single default gateway?

The discussion over at https://www.linuxquestions.org/quest...ctions-493819/ may help.

edcelvista24 · 04-17-2016, 04:35 AM

eth0 Link encap:Ethernet HWaddr 00:50:56:be:4a:21
inet addr:162.219.2.98 Bcast:162.219.2.255 Mask:255.255.255.0
inet6 addr: fe80::250:56ff:febe:4a21/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:756840 errors:0 dropped:3692 overruns:0 frame:0
TX packets:391026 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:121995509 (121.9 MB) TX bytes:57993606 (57.9 MB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:17333 errors:0 dropped:0 overruns:0 frame:0
TX packets:17333 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1631289 (1.6 MB) TX bytes:1631289 (1.6 MB)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.200.1.6 P-t-P:10.200.1.6 Mask:255.255.252.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:6111 errors:0 dropped:0 overruns:0 frame:0
TX packets:662 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:506377 (506.3 KB) TX bytes:73475 (73.4 KB)

tun1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.200.2.172 P-t-P:10.200.2.172 Mask:255.255.252.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:10351 errors:0 dropped:0 overruns:0 frame:0
TX packets:603 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:845954 (845.9 KB) TX bytes:50918 (50.9 KB)

tun2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.9.1.62 P-t-P:10.9.1.61 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:60 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:3802 (3.8 KB) TX bytes:960 (960.0 B)
///////////////////////////////////////////////////////////////////////////////////////////////
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 162.219.2.1 0.0.0.0 UG 0 0 0 eth0
10.9.1.61 0.0.0.0 255.255.255.255 UH 0 0 0 tun2
10.200.0.0 0.0.0.0 255.255.252.0 U 0 0 0 tun0
10.200.0.0 0.0.0.0 255.255.252.0 U 0 0 0 tun1
52.29.151.126 10.200.0.1 255.255.255.255 UGH 0 0 0 tun0
52.29.163.22 10.200.0.1 255.255.255.255 UGH 0 0 0 tun0
52.50.109.62 10.200.0.1 255.255.255.255 UGH 0 0 0 tun0
162.219.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
162.219.2.98 10.200.0.1 255.255.255.255 UGH 0 0 0 tun1
162.219.2.98 10.200.0.1 255.255.255.255 UGH 0 0 0 tun0
198.41.206.97 10.200.0.1 255.255.255.255 UGH 0 0 0 tun1
198.41.206.97 10.200.0.1 255.255.255.255 UGH 0 0 0 tun0
198.41.207.97 10.200.0.1 255.255.255.255 UGH 0 0 0 tun1
198.41.207.97 10.200.0.1 255.255.255.255 UGH 0 0 0 tun0

TB0ne · 04-23-2016, 05:17 PM

Quote:

Originally Posted by edcelvista24

Hello, Linux Geeks

If you have a question, it's probably best not to call people names when asking.

Quote:

I have a problem on using squid and openvpn The Scenario is:

-SQUID is listening on port [3128] and [3129].
-Also Using OPenVPn i have tun0 and tun1 (as vpn tunnels w/ IPs).

NOW im trying to do is:
All Connection from port 3128 will goto tun0 and same as port 3129 will goto tun1. any suggestion thanks

Yes...use squid for what it was designed/written for. That is, an HTTP proxy...that's it. Use iptables to do other port forwarding/routing.