On 06/17/2014 04:13 AM, MrErr wrote:
p6p1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.13.1 netmask 255.255.255.0 broadcast 192.168.13.255
ether 00:1c:c4:63:9d:83 txqueuelen 1000 (Ethernet)
RX packets 4262346 bytes 537663669 (512.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5463480 bytes 5212146353 (4.8 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 19
p2p1 is the interface connected to the internet and has a dynamic IP.
p6p1 is the interface connected to the internal network.
sam
You need to intercept\DNAT only traffic from the local network which is
192.168.13.0/24 and only if it comes on the interface p6p1.
If I understand right it's a Fedora or other RH like box..
The main issue is that you have iptables but you are not using it the
right way.
You can write custom iptables rules using a script and disabling any
software that manages the iptables for now just to make sure you
understand the rules you are writing (as an exercise).
basically your iptables should not contain more then let say 20-30 rules
as a starter.
If you want me to help you with iptables I can try to help you
understand it and then compile the right rules for you and it seems like
the rules you do have are causing an infinite loop inside squid which
causes the issues.
(look at amos post)
Eliezer
