Hello
My network layout:
---LAN---SWITCH1---CORE_SWITCH---SQUID---JUNIPER(hw firewall)---NET----
SWITCH2--|
the suid server interfaces in bridge.
the server side ip adresses 172.21.253.0-200
the client side: 172.21.1.0-254
the switch1 : client side, default gw for clients
switch2: server side, def gw for servers
Core switch: All traffic meeting point, no restriction
Juniper: Hw firewall, gw for switches. 2 outside ip and one internal ip
(172.21.253.254).
Squid: two interfaces (eth0,1) bridged to 172.21.253.250, no iptables
restriction, only forward the packets from 80 to squid. The def.gw
172.21.253.254
the squid contains these lines:
http_port 8080
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
httpd_accel_host virtual
and the iptables:
iptables -A PREROUTING -t nat -m tcp -p tcp --dport 80 -j REDIRECT
--to-port 8080
ubuntu 5.10 (Breezy Badger)
squid 2.5 Stable 10
iptables 1.3.1
Best regards.
On Thu, 3 Nov 2005, CsY wrote:
and what you think, how can i resolve this problem?
Can't tell much without knowing your network layout. What I can tell
is that fror interception to work the packets MUST one way or another
travel via the proxy box. The Squid FAQ contains some methods on how
to do this.
Regards
Henrik
_____________ NOD32 1.1275 (20051103) Információ _____________
Az üzenetet a NOD32 antivirus system megvizsgálta.
http://www.nod32.hu
