Search squid archive

Re: i need a little help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Please try to reply to the list,

acl lan src 82.77.50.206/255.0.0.0 192.168.3.0/24

Are you sure of this?
That's a very large lan, and 82.77.50.206/255.0.0.0 is a public range of IP......

badisp and badisp2 are addresses already declared in lan, so your deny acl will never match. Don't forget that acls are applied from top to bottom until one matches (when a match is done none of the following acls will be checked)

this is useless in your actual config :
> acl badisp src 192.168.3.254
> http_acces deny badisp
> acl badisp2 src 192.168.3.38
> http_acces deny badisp2


concerning routing table, it depends on your operating system

running linux / unix,
you should look at "/sbin/route -n"
"man route" will help you for the usage of this command (adding revoving etc...)

running windows

"route print" to watch your routing table
"route help" will help you

rolah@xxxxxxxxxxx a écrit :
Thank's for reply!

The config file is the default with little changes:

acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.0/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80		 #  http
acl Safe_ports port 21		 #  ftp
acl Safe_ports port 443 563	 #  https, snews
acl Safe_ports port 70		 #  gopher
acl Safe_ports port 210		 #  wais
acl Safe_ports port 1025-65535	 #  unregistered ports
acl Safe_ports port 280		 #  http-mgmt
acl Safe_ports port 488		 #  gss-http
acl Safe_ports port 591		 #  filemaker
acl Safe_ports port 777		 #  multiling http
acl CONNECT method CONNECT
acl lan src 82.77.50.206/255.0.0.0 192.168.3.0/24
http_access allow lan
acl badisp src 192.168.3.254
http_acces deny badisp
acl badisp2 src 192.168.3.38
http_acces deny badisp2
acl MYLAN src 192.168.3.1-192.168.3.253/255.255.255.0


How i can config the server routing table? the most important for me, the
users connected with proxy i want to use the link1 for internet access
(82.77.50.206)  not the instant lan acces...

Any idea?


Robert


Hi

without any parts of config file it would be difficult to help you

but if I understand correctly what you explained, the problem is not in
squid config, but in you're squid server routing table.

If your squid server uses your Internet gateway (2) instead of (1) it's
probably because your routing table is telling that to access the net
you have to go through gateway (2)

hope my english is correct :D


rolah@xxxxxxxxxxx a écrit :
Hi!

I want to use SQUID in proxy mode for administration of internet access.
I installed SQUID 2.7 on Win 2003 server.
I have 2 internet connections:
1. LAN connected to isp with static IP:
82.77.50.206/255.0.0.0 and

2. LAN connected to local area network with instant internet acces.
The local ip is 192.196.3.38 gateway 192.168.3.254

I want to use the proxy server to limit the users internet acces, to be
accessible only on 1 LAN accessible ISP.

How i can do this? I tried to modify the config.conf file, i putted the
proxy server setting in the browser connections tab, but my browser show
me the acces on 2. ISP, not on 1.

Thank's for help
and sorry for my bad english.

Robert


--
Ce courrier électronique a été vérifié et est exempt de virus connus à
ce jour.
Contactez votre administrateur pour plus de renseignement.
postmaster@xxxxxxxxxxxxxx

--
Ce courrier ÿlectronique a ÿtÿ vÿrifiÿ et est exempt de virus connus ÿ ce
jour.
Contactez votre administrateur pour plus de renseignement.
postmaster@xxxxxxxxxxxxxx




--
Ce courrier électronique a été vérifié et est exempt de virus connus à ce jour.
Contactez votre administrateur pour plus de renseignement.
postmaster@xxxxxxxxxxxxxx


--
Ce courrier ÿlectronique a ÿtÿ vÿrifiÿ et est exempt de virus connus ÿ ce jour.
Contactez votre administrateur pour plus de renseignement.
postmaster@xxxxxxxxxxxxxx

begin:vcard
fn:Erwann Pencreach
n:Pencreach;Erwann
org:Centre Hospitalier de Chaumont;Service Informatique
adr;dom:;;2 rue Jeanne D'arc;Chaumont;;52000
email;internet:erwann.pencreach@xxxxxxxxxxxxxx
title:Technicien Informatique
tel;work:0325357321
tel;fax:0325030674
x-mozilla-html:FALSE
version:2.1
end:vcard


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux