what does "linux as a gateway mean"?
 

Hi,

I am quite new to linux and when i try to set up squid as proxy server, I read an article stating we can set up squid box as a gateway...what does that mean actually?

i have one modem connect with router at 192.168.0.100. and 192.168.0.101 to 103 is my window machine and 192.168.0.104 is my ubuntu with squid set up.

HHmm, browsing at my router i said something like default gateway with ip address. so my router is a gateway now? and then have to change the gateway to 192.168.0.104?

Any help would be appreciated

Thanks

To use Linux(Squid) as a gateway you'd need two NICs in
the box, and plug it between the DSL modem and a switch
of which the other machines at home would be hanging.

Something like:

INTERNET <--modem--> LINUX <-----> SWITCH <---windows boxes


Linux could get a lease e.g. on eth0 (e.g. 192.168.0.104) from
the modem, and serve a separate subnet on eth1 (192.168.5.1/24)

That way ALL web-traffic would have have to pass through the
Linux-box, and it would become quite easy for you to add content
filtering or block certain sites via e.g. DansGuardian or SquidGuard



Cheers,
Tink

in terms of what "gateway" means, it's just a metaphor with that machine effectively being in control of a gate to allow you to pass through or not. Pretty simple analogy that should make the roles and responsibilities fairly clear. feel free to imagine lots of client sheep and a shepherd proxy server standing at the gate... or not. :)

See this wikipedia article for a definition/explanation of network gateways.

Right now your router is acting as your gateway to the Internet. Your present configuration is fine if you are manually configuring your client machines (for example their browsers) to use your proxy. If you want to run a transparent proxy (which does not require manual configuration of the clients and where the clients have no choice but to use the proxy), then you must set your squid machine up with two NICs and force all the traffic to pass through that machine. In which case, that machine will also be acting as a gateway.

To do this (run transparent proxy) you would hook one NIC up to your router and the other NIC up to a hub/switch where you would also connect all of your client machines. The client machines would then be running on a separate subnet from your router and you would probably want the squid machine to become a DHCP server for that subnet.

EDIT: If you are manually configuring the IP addresses, etc on your client machines, you won't need to set up DHCP

Hi all,

Thanks for the reply,
I have actually post my question in networking section at http://www.linuxquestions.org/questi...orking-594921/
it is that all the technical term i couldn't understand,
my problem actually is that i want to restricted 192.168.0.104 only and log all the internet activity they use, hence i use squid proxy, but i ended up doesn't know what i am doing when it comes to transparent proxy. I want to set up individual account for my ubuntu so that each user has their unique login, so i am able to trace what each user is doing in internet. If i personally have to set up their web broswer to user proxy, when my staff found out and change it back to direct connection, my effort will be wasted.

It gets very confusing having two threads discussing the same thing, which is why LQ rules forbid it. You are getting good advice on the other thread, so I would suggest you go back to it to get your problem solved. Even though it is not a "newbie" thread, you can ask about what you don't understand. If you don't want to (re)configure the router (an option I had not even thought of!) then to enforce use of the proxy you will need to get another interface card for the box running squid and set up another subnet as I outlined in my last post.