Okay, here's the revised copy of my situation, with ip addresses:
Client machine (192.168.1.162) -> (192.168.1.7) squid-proxy
(208.224.3.156) -> DMZ (208.224.3.153) -> (irc.blessed.net) IRC Server.
I don't know what "IT" is. That is what I need to find out (packet
sniffer?). I'm assuming it's the irc server.
I know how to set nat up in this situation. I know it's what I need, but
am not sure how to do it.
Antony Stone <Antony@xxxxxxxxxxxxxxxxxxxx>
Sent by: netfilter-admin@xxxxxxxxxxxxxxxxxxx
11/17/2003 01:11 PM
To: netfilter@xxxxxxxxxxxxxxxxxxx
cc:
Subject: Re: irc
On Monday 17 November 2003 5:43 pm, trainier@xxxxxxxxxx wrote:
> I'll attempt to clear things up a bit.
>
> An irc proxy, is a machine that accepts a connection, then forwards you
on
> to the proxy server. An irc bounce, is very similiar in nature.
Ah, so there is a difference between an IRC proxy and an IRC server? (I
didn't know - I'm not familiar enough with the IRC protocol).
> What I'm looking for, is not an irc proxy. I'm already connecting to an
> irc proxy. The problem is, when I changed my default gateway to point
at
> my http-proxy, I can no longer make connections out to my irc server.
That sort of makes sense. Does your http proxy know how to forward
non-http
traffic (so the traffic can get to the IRC proxy, for example), and is it
correctly forwarding such traffic?
> (It comes back with a "connection refused").
I'm puzzled about what "it" is in this sentence. Which machine sends
back a
packet to your IRC client indicating that there's a problem?
> I thought I would have to use NAT in this case, just like I have to use
NAT
> to allow http and ftp requests, through the squid proxy server.
Whether or not you need to use NAT depends on where your public & private
IP
addresses meet. If the squid proxy is also your router joining the
public
to the private network, then yes, you will need NAT rules in order to get
any
non-http traffic through it. If the 'other side' of your squid proxy is
still privately addressed within your own network, and your public IP
address
router is somewhere beyond it, then you don't need to do NAT on the squid
proxy, just normal routing table entries (and the machines on the other
side
need to know that this is a gateway back to the addresses on the inside of
it
of course).
> Here's how I'm set up:
>
> Client machine -> squid-proxy -> DMZ -> IRC Server.
If you can add some IP addresses / network ranges to that diagram, and
maybe
include your Internet router in there as well, it would be helpful
Please note that I have chosen the sig below specifically for this email
:)
Regards,
Antony.
--
90% of network problems are routing problems.
9 of the remaining 10% are routing problems in the other direction.
The remaining 1% might be something else, but check the routing anyway.
Please reply to the
list;
please don't CC
me.
