Richard Chapman wrote:
Thanks Matthew
The network has evolved from NAT without squid to NAT+squid - so I
hadn't thought about eliminating NAT altogether. Do you have much
experience with "squid only" networks? Will squid handle all the "other
stuff" well, e.g. IM, bittorrent, etc.? Indeed - can these applications be
persuaded to direct traffic through the proxy anyway? Are there any
other considerations before turning off NAT?
Squid itself won't. But the box underneath it will have firewall and
routing control you can use (assuming it's a non-Windows box).
Amos
Thanks again
Richard.
matthew jones wrote:
Is there any need to use NAT? You could simply forward all data to the
squid by setting its IP address as the DMZ server in the WAN setup
page, which would send all incoming DSL data to the IP address.
If it's a tight network you're after you should think about having the
squid dual homed, one connecting to the router/firewall and the other
to your network, thus forcing all data to pass through the proxy. Also
the proxy may be proxying data on more ports than 80 such as https on
port 4** etc.
I have a DG834G too but haven't tried the above as I use NAT and not a
proxy at home.
matt.
Richard Chapman wrote:
I have squid operating well on a small NAT network. Currently - all
clients select "automatic proxy detection" and that is all working
correctly with proxy.pac script on the http server.
I wanted to ensure that the proxy is handling ALL http traffic ALL of
the time - so I can be confident of the statistics generated by sarg
(squid analysis and report generator).
I thought this should be easy. I have a Netgear DG834G router acting
as the internet DSL connection. I added 2 outgoing firewall rules in
the DG834G:
1) allow all outgoing traffic from the squid server's local IP.
2) Block port 80 traffic from all (other) local IP addresses.
When I apply these 2 rules - the network experiences erratic internet
access. Some sites work some of the time - but not everything works
correctly. I have tried disabling the above rules - then enabling
just rule 1 - and even then the network behaves erratically. Note
that rule 1 is an "allow" rule. But as soon as I disable both rules -
everything returns to normal.
This seems very weird to me. Can anyone suggest some subtlety I am
overlooking?
I have checked the netgear knowledge base and there are no glaring
bugs reported related to this behaviour. I have updated to the latest
netgear firmware. I can only assume the DG834 is not behaving as
expected. Can anyone see another explanation?
In case it is relevant - the Linux box is performing squid, dns,
dhcp, http and lots of other stuff but the dg834 is performing NAT
(and only NAT).
Thanks
Richard.
--
Please be using
Current Stable Squid 2.7.STABLE5 or 3.0.STABLE11
Current Beta Squid 3.1.0.3
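
Added example, not part of the thread: one way to check whether any client still reaches port 80 without going through the proxy, which is what the sarg statistics in the original question depend on. It assumes a Linux box in the forwarding path (for instance the dual-homed squid box suggested above) that writes netfilter LOG lines; the proxy address 192.168.0.2 and the sample log lines are constructed.

```python
import re
from collections import Counter

PROXY_IP = "192.168.0.2"   # assumed LAN address of the squid box
HTTP_PORTS = {80}          # ports that should only ever be used by the proxy

# Constructed sample in netfilter LOG format (kernel log lines).
SAMPLE_LOG = """\
Jan 10 09:00:01 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.0.2 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=40112 DPT=80 SYN
Jan 10 09:00:03 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.0.15 DST=203.0.113.10 LEN=60 TTL=127 PROTO=TCP SPT=51044 DPT=80 SYN
Jan 10 09:00:04 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.0.20 DST=198.51.100.7 LEN=60 TTL=127 PROTO=TCP SPT=51100 DPT=443 SYN
Jan 10 09:00:07 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.0.15 DST=198.51.100.9 LEN=60 TTL=127 PROTO=TCP SPT=51046 DPT=80 SYN
Jan 10 09:00:09 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.0.31 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=33210 DPT=80 SYN
Jan 10 09:00:11 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.0.31 DST=198.51.100.53 LEN=71 TTL=63 PROTO=UDP SPT=40001 DPT=53
"""

FIELD = re.compile(r"(\w+)=(\S*)")  # KEY=value pairs; value may be empty (e.g. "OUT=")


def parse_line(line):
    """Return the KEY=value fields of one netfilter LOG line as a dict."""
    return dict(FIELD.findall(line))


def direct_http_clients(log_text, proxy_ip=PROXY_IP, ports=HTTP_PORTS):
    """Count TCP packets to HTTP ports per source address, excluding the proxy.

    Any address returned here sent web traffic that squid never saw, so it
    is missing from the proxy's access log and from reports built on it.
    """
    hits = Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        if f.get("PROTO") != "TCP" or "SRC" not in f:
            continue
        if not f.get("DPT", "").isdigit():
            continue  # malformed or non-port-bearing line
        if int(f["DPT"]) in ports and f["SRC"] != proxy_ip:
            hits[f["SRC"]] += 1
    return dict(hits)


if __name__ == "__main__":
    for src, count in sorted(direct_http_clients(SAMPLE_LOG).items()):
        print(f"{src} bypassed the proxy on port 80: {count} packet(s)")
```

An empty result over a representative period indicates that the block rule is effective and only the proxy is making outbound port 80 connections.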