Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
03-25-2008, 09:11 AM
|
#1
|
LQ Newbie
Registered: Mar 2008
Posts: 11
Rep:
|
squid configuration, multiple eth interfaces
Hi,
I am trying to install a squid proxy on my Linux 2.6.9-55.0.12.EL server. I have got 3 eth interfaces on the server. All I wana do is to pass on the same IP address to the remote website through squid that I made the request with.
So for example I had ip3 (10.10.10.3) in my browser proxy settings. The squid should not pass on the main IP of the server to the remote host. It should pass ip3.
These are the changes i've made in squid.conf. It only works if I access it using localhost as proxy. If i use a different IP if gives me Access Denied error. Could anyone please have a look and tell me what i've done wrong. This is my first time setting up a squid btw so sorry if i could not explain anything properly.
acl in_10_10_10_1 myip 10.10.10.1
tcp_outgoing_address 10.10.10.1 in_10_10_10_1
acl in_10_10_10_2 myip 10.10.10.2
tcp_outgoing_address 10.10.10.2 in_10_10_10_2
acl in_10_10_10_3 myip 10.10.10.3
tcp_outgoing_address 10.10.10.3 in_10_10_10_3
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl CONNECT method CONNECT
http_access deny !Safe_ports
acl localips src 10.10.10.1/3
http_access allow localhost
http_access allow localips
http_access deny all
Many Thanks
|
|
|
03-25-2008, 09:19 AM
|
#2
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
can you clarify that localips acl? 10.10.10.1/3?? what's that meant to mean?
|
|
|
03-25-2008, 09:25 AM
|
#3
|
LQ Newbie
Registered: Mar 2008
Posts: 11
Original Poster
Rep:
|
Quote:
Originally Posted by acid_kewpie
can you clarify that localips acl? 10.10.10.1/3?? what's that meant to mean?
|
thats to allow all 3 IPs to connect to the proxy server. It was returning an Access denied error if i used any ip in proxy settings so i thought this would allow access to the IPs. It still didn't work though.
|
|
|
03-25-2008, 09:28 AM
|
#4
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
all three what ip's? 10.10.10.1/3 would cover ip addresses 0.0.0.1 through to 31.255.255.254... what are you valid client ip addresses?
|
|
|
03-25-2008, 09:37 AM
|
#5
|
LQ Newbie
Registered: Mar 2008
Posts: 11
Original Poster
Rep:
|
Quote:
Originally Posted by acid_kewpie
all three what ip's? 10.10.10.1/3 would cover ip addresses 0.0.0.1 through to 31.255.255.254... what are you valid client ip addresses?
|
I only have 3 eth interfaces on server. Each on its own IP from 10.10.10.1 to 10.10.10.3
|
|
|
03-25-2008, 09:38 AM
|
#6
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
well i guess you just don't understand CIDR and subnets, but anyway. what are your client ip addresses? your access lists are still relative to the actual client ip at this stage.
|
|
|
03-25-2008, 09:48 AM
|
#7
|
LQ Newbie
Registered: Mar 2008
Posts: 11
Original Poster
Rep:
|
I would only be using the proxy from the same system. So there would be no other clients apart from the server itself.
|
|
|
03-25-2008, 11:02 AM
|
#8
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
o, this makes NO sense... you have a proxy with NO clients but three ethernet interfaces and you want to arbitrarily use those addresses on those seperate cards for web requests you'll make insternally to the machine?? wtf?? where are these requests going to? the world interweb? if so then those IP's are illegal anyway, and that's never going to work...
|
|
|
03-25-2008, 12:26 PM
|
#9
|
LQ Newbie
Registered: Mar 2008
Posts: 11
Original Poster
Rep:
|
i'm sorry man i know its a bit confusing. Well, let me just try n explain it again.
I have a dedicated server with 2 additional IPs. I have some php code thats hosted on one of the domains on that server. The code just goes and fetches some content from a website. Now each time it fetches content it goes through the same IP. All I wana do is to enable the proxy server so that I can make the php code use a different IP each time. I've been trying to insall squid from past 3 days now since squid can bind to all the IPs if you have multiple eth interfaces and than I can chose in my php code which proxy IP I want to go through to fetch the content from the remote website.
Please let me know if its still not clear.
|
|
|
All times are GMT -5. The time now is 03:24 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|