Thanks Yuri for the response, I understand. I do have Shorewall configured and I understand the security implications. My Router is also the Wireless AP, so I want to try out this setup without having to buy another Wireless AP.
I don't mind it being complex, do you have any suggestions on getting Internet <---> Squid <---> Router (NAT) working ?
Thanks!
On Mon, Jul 13, 2015 at 1:33 PM, John Pearson <johnpearson555@xxxxxxxxx> wrote:
Thanks Yuri for the response, I understand. I do have Shorewall configured and I understand the security implications. My Router is also the Wireless AP, so I want to try out this setup without having to buy another Wireless AP.I don't mind it being complex, do you have any suggestions on getting Internet <---> Squid <---> Router (NAT) working ?Thanks!On Mon, Jul 13, 2015 at 1:26 PM, Yuri Voinov <yvoinov@xxxxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Ah,
forgot about:
Your squid in scheme I wrote will have static gray IP. And this IP must be excluded from DHCP pool on router.
14.07.15 2:15, John Pearson пишет:
> _______________________________________________> Hi Everyone,
>
> My setup is: Internet <--> Squid-eth0 <--> Squid-eth1 <--> Router <-->
> Devices
>
> Currently the Router is doing NAT and DHCP for the devices connected to it.
> Squid is in transparent mode. I set up a bridge ( br0). I set up the
> ebtables and iptables. It works but I want to figure out a way without
> having to configure Squid server or Router with hardcoded addresses.
>
> I have it working with either setup:
> 1. Remove the bridge ( br0) and setup the Squid server eth1 as a static IP
> address and set Squid server IP address as gateway in Router settings.
> 2. Since Squid server is in bridge mode, I can hard code IP address in a
> Squid ACL as all traffic appears to come this IP address from the router.
>
> I want a way to do this without any setup, basically to take a Squid box
> and place it before a Router. Is there a way to do this ?
>
> A few ideas that might be wrong:
> 1. In bridge mode, http_access allow CURRENTIPADDRESS ( CURRENTIPADDRESS
> is the dynamic IP address provided the ISP ) Is there a way to obtain this
> in the squid.conf file ?
> 2. Setup a DHCP server alongside Squid server and have Squid(DHCP) <-->
> Router(DHCP, NAT) and have same dhcp address given to the Router in
> squid.conf as http_access allow localnet
>
> Thanks in advance!
>
>
>
> squid-users mailing list
> squid-users@xxxxxxxxxxxxxxxxxxxxx
> http://lists.squid-cache.org/listinfo/squid-users
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEbBAEBCAAGBQJVpB7aAAoJENNXIZxhPexGJcgH+IcaMqoEwlcRYFNCWqKT/Msc
I6aMD/82Uw5ow/HayX/GrxCHTzYjdCzXDXJTP9cAnHZaMnvOPxtCGuVocEHNEiOa
sDsZC9P074hoANDEAYXycWF73auCxYg4jcg8dRtbZwVEazwYsMVN6ye5a3i9EaZM
/DotQ78htLNRJrLhoCO9yQBtJObcUs+eyOie4oxk4YWSfQMcjZOXen7U8K8KGQuH
cOBcodLJv/eP1T+CcEe3ATr8Szo+zQ648jG27pdy7XuPecek7sWllRnyq93fpkID
FnvOr21R3gLBBdStYty43PKQ/4Z3d4vp56aYEweKBsGJV9kVC2QMjDXLOzrbug==
=1pgP
-----END PGP SIGNATURE-----
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users