On Wed, Jul 25, 2012 at 3:04 PM, Indunil Jayasooriya <indunil75@xxxxxxxxx> wrote: > > > Can your squid box to go to internet ? ( Pls check /etc/resolv.conf file ) > > How many interfaces does your squid box have? > > 1 or 2 ? > > in /etc/sysctl.conf file , pls check net.ipv4.ip_forward parameter? try > to make it to one in following manner. > > net.ipv4.ip_forward = 1 > > > > > > > On Wed, Jul 25, 2012 at 2:13 PM, Ioannis Pliatsikas <gpliats@xxxxxxxxxx> > wrote: >> >> Very sorry for bothering you again >> >> although i get the redirection from the router to squid, using tcpdump >> (10.72.192.61 test internal address) >> >> 11:38:37.956330 IP 199.47.218.151.80 > 10.72.192.61.50690: Flags [S.], >> seq 1048613649, ack 1347334415, win 14600, options [mss >> 1460,nop,nop,sackOK,nop,wscale 4], length 0 >> 11:38:38.399796 IP 10.72.192.61.50697 > 199.47.218.151.80: Flags [S], seq >> 3043000771, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length >> 0 >> 11:38:38.399880 IP 199.47.218.151.80 > 10.72.192.61.50697: Flags [S.], >> seq 3389808826, ack 3043000772, win 14600, options [mss >> 1460,nop,nop,sackOK,nop,wscale 4], length 0 >> 11:38:39.756353 IP 199.47.218.151.80 > 10.72.192.61.50697: Flags [S.], >> seq 3389808826, ack 3043000772, win 14600, options [mss >> 1460,nop,nop,sackOK,nop,wscale 4], length 0 >> 11:38:41.356350 IP 176.9.44.80.80 > 10.72.192.61.50693: Flags [S.], seq >> 326259738, ack 1299448389, win 14600, options [mss >> 1460,nop,nop,sackOK,nop,wscale 4], length 0 >> 11:38:41.409101 IP 10.72.192.61.50697 > 199.47.218.151.80: Flags [S], seq >> 3043000771, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length >> 0 >> 11:38:41.409164 IP 199.47.218.151.80 > 10.72.192.61.50697: Flags [S.], >> seq 3389808826, ack 3043000772, win 14600, options [mss >> 1460,nop,nop,sackOK,nop,wscale 4], length 0 >> 11:38:41.556343 IP 176.9.44.80.80 > 10.72.192.61.50694: Flags [S.], seq >> 2634200113, ack 3423797704, win 14600, options [mss >> 1460,nop,nop,sackOK,nop,wscale 4], length 0 >> 11:38:41.756336 IP 199.47.218.151.80 > 10.72.192.61.50697: Flags [S.], >> seq 3389808826, ack 3043000772, win 14600, options [mss >> 1460,nop,nop,sackOK,nop,wscale 4], length 0 >> 11:38:41.756362 IP 209.85.148.139.80 > 10.72.192.61.50695: Flags [S.], >> seq 2040290141, ack 953271924, win 14600, options [mss >> 1460,nop,nop,sackOK,nop,wscale 4], length 0 >> 11:38:42.356340 IP 209.85.148.139.80 > 10.72.192.61.50696: Flags [S.], >> seq 69242255, ack 3941278742, win 14600, options [mss >> 1460,nop,nop,sackOK,nop,wscale 4], length 0 >> >> >> i still can't get linux to redirect to squid (port 8080), access.log is >> empty >> >> i use the following iptables >> >> ------------------------------------------------------------------------- >> # Generated by iptables-save v1.4.12.1 on Wed Jul 25 11:36:37 2012 >> *filter >> :INPUT ACCEPT [105007:140596865] >> :FORWARD ACCEPT [3:120] >> :OUTPUT ACCEPT [212743:136992211] >> -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT >> -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT >> COMMIT >> # Completed on Wed Jul 25 11:36:37 2012 >> # Generated by iptables-save v1.4.12.1 on Wed Jul 25 11:36:37 2012 >> *nat >> :PREROUTING ACCEPT [0:0] >> :INPUT ACCEPT [1254:65132] >> :OUTPUT ACCEPT [118:7345] >> :POSTROUTING ACCEPT [0:0] >> -A PREROUTING -d $SQUID_IP -i eth0 -p tcp -j ACCEPT >> -A PREROUTING -s $NETWORK_SPACE -i eth0 -p tcp -m tcp --dport 80 -j >> REDIRECT --to-ports 8080 >> -A POSTROUTING -j MASQUERADE >> COMMIT >> # Completed on Wed Jul 25 11:36:37 2012 >> >> --------------------------------------------------------------------------- >> >> Catch is that i use l2 redirection, so source and destination is eth0, no >> gre tunnel. Can it be done or should a create a virtual device and redirect >> input from there? >> >> >> Thank you in advance >> John > > > > > -- > Thank you > Indunil Jayasooriya > -- Thank you Indunil Jayasooriya
