LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-15-2009, 01:29 AM   #1
tux.amit
LQ Newbie
 
Registered: Sep 2009
Posts: 17

Rep: Reputation: 0
Transpernt proxy not resolving hostnames ....


Hi to all,

i am using squid-2.6.STABLE6-3.el5 as transparent proxy on a Rhel 5 . now the problem is my client cant access the web without setting proxy address in brouser . it gives an error of "Address not found" (looks to be ab dns error) . my redirection is working because when i setting proxy port 80 in brouser it's working . client can't even ping to hostname surely my transpernt proxy is not resolving hostname .. but the thing which really surpise me few pc are getting access to web without setting brouser they can ping , well the number are few i tried many thing to resolve this issue but outcome is zero.. if someone has solution pl reply......


Best wishes !!

Amit ....
 
Old 09-15-2009, 01:37 AM   #2
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
Are you sure your proxy is configured for transparent mode? What about the tcp and dns settings in the clients?
If you do a nslookup fof google from your squid proxy, what do you get?
And what are the settings in the clients that can access the internet?
And you say that you set the proxy port to 80 in the browser. Have you manually edited this setting in the squid config file? And if you have you changed the iptables as well for this setting?
 
Old 09-15-2009, 02:03 AM   #3
tux.amit
LQ Newbie
 
Registered: Sep 2009
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by linuxlover.chaitanya View Post
Are you sure your proxy is configured for transparent mode? What about the tcp and dns settings in the clients?
If you do a nslookup fof google from your squid proxy, what do you get?
And what are the settings in the clients that can access the internet?
And you say that you set the proxy port to 80 in the browser. Have you manually edited this setting in the squid config file? And if you have you changed the iptables as well for this setting?
Ya my proxy is configured in transpernt mode that is why providing transpernt service to few client about dns setting i giving 4.2.2.2 in client (whether its working or not working) when i do nslookup from proxy server it gives an afficiant reply but from client it gives
#############################################################
Dns request timed out.
timeout was 2 second
****Can't find server name for address 4.2.2.2: Timed Out
*****Default Server are not available
Server : UnKnown
Address:4.2.2.2
Dns request timed out.
timeout was 2 second
*****Request to UnKnown timed-out
###############################################################



ya i set set the port 80 in client brouser just to check my iptable rule is working or not and its working ..
 
Old 09-15-2009, 02:11 AM   #4
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
How can you make your squid listen on port 80? This is a dedicated port for web server? Not a good idea to use ports that are dedicated for other services.
And have you checked that Squid can access internet before moving towards clients?
Why not change the squid port to something like 8080 or default 3128 and forward all the requests to this port?
All the requests coming on port 80 (http traffic) should be directed to port 3128(squid port).

http://www.cyberciti.biz/tips/linux-...uid-howto.html

Look at this link.
 
Old 09-15-2009, 02:36 AM   #5
tux.amit
LQ Newbie
 
Registered: Sep 2009
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by linuxlover.chaitanya View Post
How can you make your squid listen on port 80? This is a dedicated port for web server? Not a good idea to use ports that are dedicated for other services.
And have you checked that Squid can access internet before moving towards clients?
Why not change the squid port to something like 8080 or default 3128 and forward all the requests to this port?
All the requests coming on port 80 (http traffic) should be directed to port 3128(squid port).

http://www.cyberciti.biz/tips/linux-...uid-howto.html

Look at this link.

ypp... u r right brother how can any body make squid to listen on 80 ???? ^^^
my squid is running on port 8080 what i want to say i have redirected port 80 request coming from client pc to 8080 by setting redirection in iptables and to check i set 80 port in brouser to check this redirection working or not and it's working !!!!!

see firt of all the server is fully configured to act as a transpernt proxy but it is not acting as tproxy because i getting fail to resolve hostname and ya squid is getting internet access brother ....
well thanks for your attaintion towards this problem i am really in fix
if u have solution pl help ...
Best wishes
Amit
made for linux
 
Old 09-15-2009, 02:59 AM   #6
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
You mean to say you have configured browser for proxy settings with 8080 port, isn't it?
Is your firewall configuration saved and is iptables service running?

And if you can browse internet in proxy server, then it should resolve www.google.com to its ip. Otherwise you wont be able to browse.
 
Old 09-15-2009, 03:19 AM   #7
tux.amit
LQ Newbie
 
Registered: Sep 2009
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by linuxlover.chaitanya View Post
You mean to say you have configured browser for proxy settings with 8080 port, isn't it?
Is your firewall configuration saved and is iptables service running?

And if you can browse internet in proxy server, then it should resolve www.google.com to its ip. Otherwise you wont be able to browse.
ya you r right i have configured browser for proxy settings with 8080 port
and it workig even giving 80 port because of redirection by server iptables but i dont wants to set this in brouser for all my client {i have a big network using proxy} that is why i am using transperent proxy for all the client using it as Gateway and no one need to set brouser for proxy setting if they want to access web but problem has occured and u know the problem ..
well when i giving ip of any fqdn like google in cleint web brouser it working so may be now you have good idea of my problem ....
well one thing i am not saving my iptables rules they working on temperary basis ok

Best wishes !!!
Amit
made for linux
 
Old 09-15-2009, 03:23 AM   #8
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
If your internet is working fine, then there are two issues that I can think of.

1. Your iptables rules are not redirecting the http requests to 8080 port.

2. You have not configured client tcp settings properly. You should enter the squid proxy servers ip address in default gateway option in client.

And please forget port 80. It is for web server. All you need to take care about it port 8080.
 
Old 09-15-2009, 03:46 AM   #9
tux.amit
LQ Newbie
 
Registered: Sep 2009
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by linuxlover.chaitanya View Post
If your internet is working fine, then there are two issues that I can think of.

1. Your iptables rules are not redirecting the http requests to 8080 port.

2. You have not configured client tcp settings properly. You should enter the squid proxy servers ip address in default gateway option in client.

And please forget port 80. It is for web server. All you need to take care about it port 8080.
the two issue you asking are properly configured
1 =>> my iptables are redirecting port http request to 8080
that is why even setting http port in brouser it's working because on server side the http request is redirecting to 8080
2 => i have configured client tcp setting all the cleint are configured with default gateway of squid...
 
Old 09-15-2009, 05:01 AM   #10
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
Then is your squid configuration file with this option

http_port 8080 transparent
 
Old 09-15-2009, 05:18 AM   #11
tux.amit
LQ Newbie
 
Registered: Sep 2009
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by linuxlover.chaitanya View Post
Then is your squid configuration file with this option

http_port 8080 transparent
ya i have setup this parameter in squid.conf

http_port 8080 transparent

well see as about server it is ok i dont think any thing is missing but the only thing why some client having gateway squid can and some cant ping to hostname
 
Old 09-15-2009, 05:23 AM   #12
linuxlover.chaitanya
Senior Member
 
Registered: Apr 2008
Location: Nagpur, India
Distribution: Cent OS 5/6, Ubuntu Server 10.04
Posts: 4,629

Rep: Reputation: Disabled
Resolving hostname is not necessarily a squid issue but a dns issue. If your dns is down then it will not resolve the hostnames and you wont be able to ping. But if you can not even with ip addresses then your network could be an issue.
 
Old 09-16-2009, 12:49 AM   #13
tux.amit
LQ Newbie
 
Registered: Sep 2009
Posts: 17

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by linuxlover.chaitanya View Post
Resolving hostname is not necessarily a squid issue but a dns issue. If your dns is down then it will not resolve the hostnames and you wont be able to ping. But if you can not even with ip addresses then your network could be an issue.
well i am using global dns 4.2.2.2 and i can ping any ip on web but when it comes with name its not possible surely problem is of dns but some pc can ping hostname using squid as gateway but most of them can't well dns is up ....
thanks
Amit
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
resolving hostnames. bb002 Ubuntu 2 11-15-2005 04:08 PM
problem resolving hostnames natm Linux - Networking 5 07-09-2005 06:16 PM
My Server.... resolving hostnames! SyncMaster Linux - Networking 2 06-25-2005 01:56 AM
resolving hostnames problem! meshmesh Linux - Networking 2 01-25-2004 11:08 AM
resolving hostnames iceman47 Linux - Networking 3 10-07-2003 10:34 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration