tproxy first time implementation on squid.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

tproxy first time implementation on squid.

Hanoch Hanoch K
Hi
I am trying to configure tproxy to expose the ip address i am using to internet sites and not the ip address of the squid server.
I did read the wiki from the squid web site and acted upon.
the environment i am using is test and i will need to deploy it into producton when test will work and all the subject will be clear to me.
so the server is ubuntu 14.04.
squid was compiled with netfilter prefix.
the kernel is new and seems to have built in support in the tproxy. iptables rules where created as the wiki request.
route option had been applied and the sysctl was configured as requested by the wiki.
the client is windows 7 vmware vm and also the server is vmware vm with 2 ethernet adapters.
one of  the interfaces connect the windows 7 and one having ip from the built in dhcp server at the router and it is the internet interface.
the server and the client both behind router and all have private ip.
till now the setup.
the problem is when I try to surf with this configuration i get time out.
at the wiki it says it is routing problem.
but digging the logs i do not understand where is my mistake.
can i use this configuration? lets say can i send ip like 10.0.0.2 to be discovered at internet?
is this configuration is legal?
do not i need public ip on all the interfaces?
if not what is wrong.
i will be happy to supply any log or conf file.
please try to help me.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: tproxy first time implementation on squid.

Alex K
You might be missing a NAT at last node before the packet is left to Internet otherwise you need a public IP at the windows client.

On Oct 22, 2017 19:08, "Hanoch Hanoch K" <[hidden email]> wrote:
Hi
I am trying to configure tproxy to expose the ip address i am using to internet sites and not the ip address of the squid server.
I did read the wiki from the squid web site and acted upon.
the environment i am using is test and i will need to deploy it into producton when test will work and all the subject will be clear to me.
so the server is ubuntu 14.04.
squid was compiled with netfilter prefix.
the kernel is new and seems to have built in support in the tproxy. iptables rules where created as the wiki request.
route option had been applied and the sysctl was configured as requested by the wiki.
the client is windows 7 vmware vm and also the server is vmware vm with 2 ethernet adapters.
one of  the interfaces connect the windows 7 and one having ip from the built in dhcp server at the router and it is the internet interface.
the server and the client both behind router and all have private ip.
till now the setup.
the problem is when I try to surf with this configuration i get time out.
at the wiki it says it is routing problem.
but digging the logs i do not understand where is my mistake.
can i use this configuration? lets say can i send ip like 10.0.0.2 to be discovered at internet?
is this configuration is legal?
do not i need public ip on all the interfaces?
if not what is wrong.
i will be happy to supply any log or conf file.
please try to help me.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users


_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users