Search squid archive

RE: [squid-users] squid + iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

hi all,

> You are not having route entry to use DNS server to
> resolve the domain names in client machine. Try as,
> 
> route add -net 192.168.0.0 netmask 255.255.0.0 dev
> eth0

I tried that on client pc (in isolan) and i didn't change anything.

> ping <dns server>
> ping www.google.com

Anyway, as I don't do any nat, I would expect not to ping it!

*******************
route (on pc in isolan) :

$route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.2.0     *               255.255.255.0   U     0      0        0 eth0
192.168.0.0     *               255.255.0.0     U     0      0        0 eth0
loopback        *               255.0.0.0       U     0      0        0 lo
default         192.168.2.1     0.0.0.0         UG    1      0        0 eth0

*****************

If I do a ping in isolan to dns server (192.168.0.1) :
$ping 192.168.0.1
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
>From 192.168.2.4 icmp_seq=2 Destination Host Unreachable
>From 192.168.2.4 icmp_seq=3 Destination Host Unreachable
>From 192.168.2.4 icmp_seq=4 Destination Host Unreachable
>From 192.168.2.4 icmp_seq=6 Destination Host Unreachable
>From 192.168.2.4 icmp_seq=7 Destination Host Unreachable
>From 192.168.2.4 icmp_seq=8 Destination Host Unreachable


And the tcpdump (while pinging)
14:32:06.547367 arp who-has 192.168.0.1 tell 192.168.2.4
14:32:07.547210 arp who-has 192.168.0.1 tell 192.168.2.4
14:32:10.547759 arp who-has 192.168.0.1 tell 192.168.2.4
14:32:11.547605 arp who-has 192.168.0.1 tell 192.168.2.4
14:32:12.547454 arp who-has 192.168.0.1 tell 192.168.2.4
14:32:15.548002 arp who-has 192.168.0.1 tell 192.168.2.4
14:32:16.547846 arp who-has 192.168.0.1 tell 192.168.2.4
14:32:17.547691 arp who-has 192.168.0.1 tell 192.168.2.4
14:32:20.548239 arp who-has 192.168.0.1 tell 192.168.2.4
14:32:21.548084 arp who-has 192.168.0.1 tell 192.168.2.4

And I don't get any reply!?
I am a bit lost, does all dns request has to go through squid, or computers in my isolan have got to reach directly the dns server??

                                             |DNS SERVER|
                                                  |
                                                  |
IsoLan -----(eth1)| Proxy Box |(eth0)-------Lan------| Firewall |-------INTERNET

Many thanks,

Kevin.




Kevin Thackray
C&T Paradigm NV
BTW BE 0465.030.272 RPR Antwerpen
G. LeGrellelaan 10, B - 2020 Antwerpen
Tel +32(3)259 2266

mailto:kthackray@xxxxxxxxxxxxx 



This email is for the use of the intended recipient only. It may contain information that is legally privileged or confidential. If you are not the intended recipient, any disclosure, distribution or copying of this email is strictly prohibited and may be unlawful. If received in error, please reply to the sender confirming this, then delete the email.
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux