Dear Nilesh, Thanks you very much for your information. Now I removed NAT chains entries IP Masquerades IP_forward But I am missing the following options tcp_outgoing_address Now I add "tcp_outgoing_address" and now OK. Here is what I did acl net1 src 192.168.1.x/24 acl net2 src 192.168.2.x/24 tcp_outgoing_address 10.x.x.x net1 #real IP tcp_outgoing_address 10.x.x.x net2 #real IP But proxy access is too slow. So, I am finding now to speed up Proxy access Speed -- Sent with BAGAN-CYBERTECH Webmail (http://www.bagan.net.mm) ---------- Original Message ----------- From: Nilesh <niluforalways@xxxxxxxxx> To: penguin@xxxxxxxxxxxxxx Sent: Wed, 18 Feb 2004 20:44:58 -0800 (PST) Subject: Re: Proxy Server Setup Problems > HI > > If you are installed Squid , check it without firewall > it is working or not Squid works without firewall > also. > if it working then run firewall iptables with NAT rule > or Masqurade > > iptables -t nat -A POSTROUTING -o eth0 -j SNAT > --to-source 10.x.x.x.x ( your TRUE IP) > > for Masquerade > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE > > hope this will help > Nilesh. > --- wintoe <penguin@xxxxxxxxxxxxxx> wrote: > > Dear List, > > > > I am now setting up Proxy + Firewall for my LAN. > > ( Yesterday I send this messge to RH-LIST. But I am > > not sure where mail arrive to list or not. SO i send > > again ) > > Here is Current Network Configuration. > > > > + ======== + > > | LAN-1 | 192.168.1.0/24 > > + ======== + > > || > > || > > 192.168.1.254/24 > > + ==eth1=== + > > | | > > | LinuxBox eth0 -----> ISP---->Internet > > | | 10.x.x.x > > + ==eth2=== + > > 192.168.2.254/24 > > || > > || > > + ======== + > > | LAN-2 | 192.168.2.0.0/24 > > + ======== + > > > > I have done the followings. > > > > Setup proxy server with following confugrations > > Red Hat 9.0 > > Squid-2-5-STABLE1-2. > > ( here is squid configurations ) > > http_port 192.168.1.254:8080 > > http_port 192.168.2.254:8080 > > acl lan1 src 192.168.1.0/24 > > acl lan2 src 192.168.2.0/24 > > http_access allow lan1 > > http_access allow lan2 > > cache_peer isp-proxy-server-ip > > isp-proxy-ip-port 3130 > > > > > > IPTABLES > > IP_forrwarding is set to 1 in > > /proc/sys/net/ipv4/ip_forward > > LAN-1 and LAN-2 are DHCP clients of Linux Box ( > > but eth1, eth2 of Linux box are static ) > > > > > > I can connect to intranet of ISP from LAN-1, LAN-2 > > through Linux Box as proxy server. > > Linux box can connect to Internet if I configure to > > use Proxy of ISP. > > But I cannot connect to Internet from LAN-1, LAN-2 > > through Linux Box as proxy server. > > When I connect to Internet MS-IE say "Connecting to > > site. Waiting for reply ". Then error occurs. > > > > What I would like to know is > > 1. What configurations are missing ( I think nat > > configuration in iptables. I am now testing nat. but > > i need someone help ) > > 2. What additional network services, I have to > > configure. > > > > *** > > I am now finding a good e-book for both > > Firewall ( iptables ) and Proxy Server ssetup ( with > > SQUID ). I had googled...... > > but I cannot find...... what I want. > > Could some one can point out me to the place > > where I can get these e-book. > > > > **** > > > > Any help is highly appreciated. > > > > Win Toe > > > > > > > > __________________________________ > Do you Yahoo!? > Yahoo! Mail SpamGuard - Read only the mail you want. > http://antispam.yahoo.com/tools ------- End of Original Message ------- -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
