hey friends, I am trying to configure Squid Transparent Proxy on FC3. I am testing the scenario on 2 machines. The FC3 machines has got 2 lan cards eth0: 192.168.1.125/24 eth1: 192.168.2.126/24 Another machine is having only one LAN Card eth0: 192.168.2.88/24 I added these lines for transparent proxy in squid.conf http_port 3128 (by default) httpd_accel_port 80 httpd_accel_host virtual httpd_accel_with_proxy on httpd_accel_uses_host_header on I have also added these lines to squid.conf acl mynetwork src 192.168.1.125 acl mynetwork1 src 192.168.2.0 http_access allow mynetwork http_access allow mynetwork1 Configured iptables to redirect the request to the proxy from the domain 192.168.2.0 to port 3128 iptables -t nat -A PREROUTING -i eth1 -s 192.168.2.0/24 -p tcp --dport 80 -j REDIRECT --to-port 3128 But when I gave the below command to list the iptables rules there was no rules added to the iptables iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination I saved and restart iptables many times even flushed the iptables few times and again added the NAT rule but everytime iptables -L shows empty rules. Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.2.0 * 255.255.255.0 U 0 0 0 eth1 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 169.254.0.0 * 255.255.0.0 U 0 0 0 eth1 default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 lsmod command output Module Size Used by ipt_REDIRECT 2113 20 iptable_nat 23037 2 ipt_REDIRECT ip_conntrack 40565 1 iptable_nat iptable_filter 2753 0 ip_tables 16705 3 ipt_REDIRECT,iptable_nat,iptable_filter I am able to ping from 192.168.1.125 to 192.168.2.88. There is one more problem I am not able to ssh onto another server (FC3) from the squid server. ssh -l tester 192.168.1.122 Received disconnect from 192.168.1.122: 2: Too many authentication failures for tester As this is the testing scenario only 2 machines are in domain 192.168.2.0 ( one machine running windows xp and other is FC3 with 2 lan cards and I am using these machines for testing squid transparent proxy ) all other machines in the network are in the domain 192.168.1.0 so I should be able to ssh onto the machine 192.168.1.122 as the LAN Card eth0 on FC3 machine (192.168.1.125) is connected to the network 192.168.1.0. Please guide me what wrong I am doing ? Thanks & Regards Ankush Grover -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
