I have squid operating well on a small NAT network. Currently - all
clients select "automatic proxy detection" and that is all working
correctly with proxy.pac script on the http server.
I wanted to ensure that the proxy is handling ALL http traffic ALL of
the time - so I can be confident of the statistics generated by sarg
(squid analysis and report generator).
I thought this should be easy. I have a Netgear DG834G router acting as
the internet DSL connection. I added 2 outgoing firewall rules in the
DG834G:
1) allow all outgoing traffic from the squid server's local IP.
2) Block port 80 traffic from all (other) local IP addresses.
When I apply these 2 rules - the network experiences erratic internet
access. Some sites work some of the time - but not everything works
correctly. I have tried disabling the above rules - then enabling just
rule 1 - and even then the network behaves erratically. Note that rule 1
is an "allow" rule. But as soon as I disable both rules - everything
returns to normal.
This seems very weird to me. Can anyone suggest some subtlety I am
overlooking?
I have checked the Netgear knowledge base and there are no glaring bugs
reported related to this behaviour. I have updated to the latest Netgear
firmware. I can only assume the DG834 is not behaving as expected. Can
anyone see another explanation?
In case it is relevant - the Linux box is performing squid, DNS, DHCP,
HTTP and lots of other stuff but the DG834 is performing NAT (and only NAT).
Thanks
Richard.