Search squid archive

Re: Using Squid with 1 NIC

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 


24.04.16 1:26, Tom пишет:
> Sorry for not being more clearer on my first post. So I have a VMware environment running mostly CentOS 6 and multiple port groups:
>
> Each port group it its own network segment.  Please see below:
>
> 192.168.1.0/24 <http://192.168.1.0/24>
> GW 192.168.1.1
> proxy=192.168.1.2
> CentOS servers in this network 192.168.1.0/24 <http://192.168.1.0/24>
>
> 192.168.2.0/24 <http://192.168.2.0/24>
> GW 192.168.2.1
> proxy=192.168.2.2
> CentOS servers in this network 192.168.2.0/24 <http://192.168.2.0/24>
>
> 192.168.3.0/24 <http://192.168.3.0/24>
> GW 192.168.3.1
> proxy=192.168.3.2
> CentOS servers in this network 192.168.3.0/24 <http://192.168.3.0/24>
>
> Now I planned to install/configure a Squid proxy server (one NIC) in each network and all clients will be going through it.  Now these are CentOS 6 servers, not workstations.  I need all servers in each network segment to go through the proxy so traffic can be monitored for each network.  Now would a transparent proxy help?? Hope this make sense.


Using a transparent proxy depends on whether it is possible to configure clients to use a proxy or not.

In most cases, no one here recommends the use of a transparent proxy, because there are a number of restrictions and high technical expertise for quality implementation. Also the most fundamental restriction (but I don't think so) is only possible to proxying HTTP/HTTPS.

>
> On Sat, Apr 23, 2016 at 1:50 PM, Yuri Voinov <yvoinov@xxxxxxxxx <mailto:yvoinov@xxxxxxxxx>> wrote:
>
>
> I've based on op's diagram. We are know nothing about what he want.
> Thelepaty on Bali on vacation.
>
>
> 23.04.16 23:46, Antony Stone пишет:
> > On Saturday 23 April 2016 at 19:12:56, Yuri Voinov wrote:
>
> >> http://wiki.squid-cache.org/ConfigExamples/Intercept
>
> > Surely there's no reason to have to set up intercept mode (unless the
> OP can't
> > configure the applications to use an explicit proxy)?
>
> > I'm assuming the gateway 192.168.1.1 does outbound NAT to the Internet
> > (otherwise nothing would work), so all that's needed is to set up
> Squid on
> > 192.168.1.2 to allow access from 192.168.1.0/24 <http://192.168.1.0/24>, with a default
> gateway of
> > 192.168.1.1, and then configure each of the 192.168.1.x client
> machines to use
> > 192.168.1.2:3128 <http://192.168.1.2:3128> as their proxy server?
>
> >> 23.04.16 23:08, Tom Ku пишет:
> >>> Hi All,
> >>>
> >>> I know this question has been beaten to death but I can't seem to find
> >>> any answers via google.  So i'm trying to set up a Squid proxy for my
> >>> VMware infrastructure.  I have multiple port groups networks and I plan
> >>> to put a Squid server in each port group to monitor network/internet
> >>> traffic.  So I would like my setup like this:
> >>>
> >>> 192.168.1.1 - Gateway
> >>> ^
> >>> l
> >>> l
> >>> l
> >>> Squid Proxy - 192.168.1.2)
> >>> ^
> >>> l
> >>> l
> >>> l
> >>> VMs (clients - 192.168.1.x/24)
> >>>
> >>> Now i can only have 1 NIC on the Squid server.  I've read that
> >>> iptables will probably have to be configured.  Any help would be
> >>> appreciated.
>
> > I think one important thing you have missed out is why you need to use
> Squid
> > at all in such a setup?  What are you trying to achieve by
> implementing it,
> > instead of just giving all clients direct access to the Internet?
>
>
>
> > Antony.
>
>
>
>
>     _______________________________________________
>     squid-users mailing list
>     squid-users@xxxxxxxxxxxxxxxxxxxxx <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx>
>     http://lists.squid-cache.org/listinfo/squid-users
>
>


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJXG809AAoJENNXIZxhPexG18cH/3AXP3mwu/lAmNdTru8rbPT1
iStds/GKw9BOTebKRMtdkOB9F5kBqYSVugksXwAKbOjrisMC0d69iA9ovocUvQiY
DpsaZHybtwZYnSc8TO+hKgI5U4DGYFsBIYudDPyRlLIj6iluCRziHjetyQ2iMHru
d9KNZiQGMMBTwjPyI+YDP4IVYuE8BGyEzlYSib4vAYb1nQAsMyX0tElrfvzmZB4h
DaeKbJlyK7HdsaSZMFR+hz3CNW0uHzsTxchrW6lXPBkFsU25tcwuRhE1Rfh2i0UQ
MqHUIzwTqNIvmIFbKkbQeLXbIPFUDNWtAeOBKy/XkKCiIZJJ0fm42g/5oFwaIas=
=bfyf
-----END PGP SIGNATURE-----

Attachment: 0x613DEC46.asc
Description: application/pgp-keys

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux