-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 24.04.16 1:26, Tom пишет: > Sorry for not being more clearer on my first post. So I have a VMware environment running mostly CentOS 6 and multiple port groups: > > Each port group it its own network segment. Please see below: > > 192.168.1.0/24 <http://192.168.1.0/24> > GW 192.168.1.1 > proxy=192.168.1.2 > CentOS servers in this network 192.168.1.0/24 <http://192.168.1.0/24> > > 192.168.2.0/24 <http://192.168.2.0/24> > GW 192.168.2.1 > proxy=192.168.2.2 > CentOS servers in this network 192.168.2.0/24 <http://192.168.2.0/24> > > 192.168.3.0/24 <http://192.168.3.0/24> > GW 192.168.3.1 > proxy=192.168.3.2 > CentOS servers in this network 192.168.3.0/24 <http://192.168.3.0/24> > > Now I planned to install/configure a Squid proxy server (one NIC) in each network and all clients will be going through it. Now these are CentOS 6 servers, not workstations. I need all servers in each network segment to go through the proxy so traffic can be monitored for each network. Now would a transparent proxy help?? Hope this make sense. Using a transparent proxy depends on whether it is possible to configure clients to use a proxy or not. In most cases, no one here recommends the use of a transparent proxy, because there are a number of restrictions and high technical expertise for quality implementation. Also the most fundamental restriction (but I don't think so) is only possible to proxying HTTP/HTTPS. > > On Sat, Apr 23, 2016 at 1:50 PM, Yuri Voinov <yvoinov@xxxxxxxxx <mailto:yvoinov@xxxxxxxxx>> wrote: > > > I've based on op's diagram. We are know nothing about what he want. > Thelepaty on Bali on vacation. > > > 23.04.16 23:46, Antony Stone пишет: > > On Saturday 23 April 2016 at 19:12:56, Yuri Voinov wrote: > > >> http://wiki.squid-cache.org/ConfigExamples/Intercept > > > Surely there's no reason to have to set up intercept mode (unless the > OP can't > > configure the applications to use an explicit proxy)? > > > I'm assuming the gateway 192.168.1.1 does outbound NAT to the Internet > > (otherwise nothing would work), so all that's needed is to set up > Squid on > > 192.168.1.2 to allow access from 192.168.1.0/24 <http://192.168.1.0/24>, with a default > gateway of > > 192.168.1.1, and then configure each of the 192.168.1.x client > machines to use > > 192.168.1.2:3128 <http://192.168.1.2:3128> as their proxy server? > > >> 23.04.16 23:08, Tom Ku пишет: > >>> Hi All, > >>> > >>> I know this question has been beaten to death but I can't seem to find > >>> any answers via google. So i'm trying to set up a Squid proxy for my > >>> VMware infrastructure. I have multiple port groups networks and I plan > >>> to put a Squid server in each port group to monitor network/internet > >>> traffic. So I would like my setup like this: > >>> > >>> 192.168.1.1 - Gateway > >>> ^ > >>> l > >>> l > >>> l > >>> Squid Proxy - 192.168.1.2) > >>> ^ > >>> l > >>> l > >>> l > >>> VMs (clients - 192.168.1.x/24) > >>> > >>> Now i can only have 1 NIC on the Squid server. I've read that > >>> iptables will probably have to be configured. Any help would be > >>> appreciated. > > > I think one important thing you have missed out is why you need to use > Squid > > at all in such a setup? What are you trying to achieve by > implementing it, > > instead of just giving all clients direct access to the Internet? > > > > > Antony. > > > > > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx <mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx> > http://lists.squid-cache.org/listinfo/squid-users > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJXG809AAoJENNXIZxhPexG18cH/3AXP3mwu/lAmNdTru8rbPT1 iStds/GKw9BOTebKRMtdkOB9F5kBqYSVugksXwAKbOjrisMC0d69iA9ovocUvQiY DpsaZHybtwZYnSc8TO+hKgI5U4DGYFsBIYudDPyRlLIj6iluCRziHjetyQ2iMHru d9KNZiQGMMBTwjPyI+YDP4IVYuE8BGyEzlYSib4vAYb1nQAsMyX0tElrfvzmZB4h DaeKbJlyK7HdsaSZMFR+hz3CNW0uHzsTxchrW6lXPBkFsU25tcwuRhE1Rfh2i0UQ MqHUIzwTqNIvmIFbKkbQeLXbIPFUDNWtAeOBKy/XkKCiIZJJ0fm42g/5oFwaIas= =bfyf -----END PGP SIGNATURE----- |
Attachment:
0x613DEC46.asc
Description: application/pgp-keys
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users