I'm not the one having the problem; I was just trying to tell someone else
how I had worked around the problem.
However:
1. It is known that Squid doesn't play nice with FrontPage web servers.
2. NAT (specifically IPMASQ) does, in my experience, play nice with
FrontPage web servers--I never had any problems with it until I started
using Squid, and until I discovered the workaround, I was afraid I wasn't
going to be able to use Squid.
-----Original Message-----
From: Hamid Hashemi Golpayegani [mailto:hamid@morva.net]
Sent: Tuesday, March 27, 2001 3:52 PM
To: Steve Corder; squid-users@squid-cache.org
Subject: RE: [squid-users] Front page problem - Help me !!!
so you must find the ports that being used by frontpage and forward them
with ipmasqadm . it is not related to squid .
============================================================
/ Seyyed Hamid Reza / WINDOWS FOR NOW !! /
/ Hashemi Golpayegani / Linux for future , FreeBSD for ever /
/ Morva System Co. / ------------------------------------- /
/ Network Administrator/ hamid@morva.net , ICQ# : 42209876 /
===========================================================
-----Original Message-----
From: Steve Corder [mailto:swc@cookeville-tn.org]
Sent: Wednesday, March 28, 2001 12:19 AM
To: 'Hamid Hashemi Golpayegani'; squid-users@squid-cache.org
Subject: RE: [squid-users] Front page problem - Help me !!!
Yes, I use ip masquerading for NAT.
-----Original Message-----
From: Hamid Hashemi Golpayegani [mailto:hamid@morva.net]
Sent: Tuesday, March 27, 2001 3:42 PM
To: Steve Corder; 'Phu Quy'; squid-users@squid-cache.org
Subject: RE: [squid-users] Front page problem - Help me !!!
I am working with frontpage without any problem . I think that it is related
to your NAT . I mean I am using permanent ip address for my stations and
have a squid box for caching in trasparent mode . so Now I have check it and
frontpage working fine with squid transparent mode . I think that you must
use ipmasqadm and forward some ports that used for frontpage . it seems that
you can transparent using with invalid IP address ! do you use ip
masqurading for NAT or not ?!
============================================================
/ Seyyed Hamid Reza / WINDOWS FOR NOW !! /
/ Hashemi Golpayegani / Linux for future , FreeBSD for ever /
/ Morva System Co. / ------------------------------------- /
/ Network Administrator/ hamid@morva.net , ICQ# : 42209876 /
===========================================================
-----Original Message-----
From: Steve Corder [mailto:swc@cookeville-tn.org]
Sent: Tuesday, March 27, 2001 10:09 PM
To: 'Phu Quy'; squid-users@squid-cache.org
Subject: RE: [squid-users] Front page problem - Help me !!!
I don't know if this has been answered already (I don't think it has), but
here's how I worked around this problem...
My Squid box is the default gateway for the users on my network. I run
squid on port 8080. I have an ipchains rule that transparently redirects
all outbound HTTP traffic to port 8080. It looks like this...
/sbin/ipchains -A input -p tcp -s 192.168.0.0/16 -d 0.0.0.0 80 -j REDIRECT
8080
Using that rule alone, all the outbound HTTP traffic from my private network
(192.168.0.0) will be handed off to the Squid cache (which, incidentally,
has been configured to handle transparent proxying). However, that doesn't
fix the FrontPage problem. So in order to do that, I have to create some
ipchains rules that basically say "send all outbound HTTP traffic to Squid
UNLESS it's bound to the following addresses..." It can be done a couple of
ways. If you only have one address that your users have to connect to via
FrontPage, then you can change the above rule to look like this...
/sbin/ipchains -A input -p tcp -s 192.168.0.0/16 -d ! aaa.bbb.ccc.ddd 80 -j
REDIRECT 8080
This basically says "forward all outbound HTTP traffic to Squid EXCEPT
traffic bound to aaa.bbb.ccc.ddd (where aaa.bbb.ccc.ddd is the ip
address/FQDN of the FrontPage server)."
If there are multiple FrontPage servers they need to connect to, then you
can do it a different way:
/sbin/ipchains -A input -p tcp -s 192.168.0.0/16 -d aaa.bbb.ccc.ddd 80 -j
ACCEPT
/sbin/ipchains -A input -p tcp -s 192.168.0.0/16 -d eee.fff.ggg.hhh 80 -j
ACCEPT
/sbin/ipchains -A input -p tcp -s 192.168.0.0/16 -d iii.jjj.kkk.lll 80 -j
ACCEPT
...for each FrontPage server, then, at the end:
/sbin/ipchains -A input -p tcp -s 192.168.0.0/16 -d 0.0.0.0 80 -j REDIRECT
8080
The order of these rules is important; make sure you put the REDIRECT rule
last.
Another advantage to setting it up this way is that you don't have to make
any configuration changes on your client browsers to get them to use the
Squid cache.
Steve Corder
-----Original Message-----
From: Phu Quy [mailto:npquy@vnn.vn]
Sent: Tuesday, March 27, 2001 4:16 AM
To: squid-users@squid-cache.org
Subject: [squid-users] Front page problem - Help me !!!
Dear all ,
I have got problem when I deployed squid cache system in my network, my
users can't access to sites using Front pages 2000. I don't understand about
it, is it seriously problem of squid cache ?? Does it have any Patch for fix
this problem ??.
If this is seriously problem of squid cache, pls give more detail about it
and how to fix it ??
My cache using Squid 2.3 stable 1 on Linux ( IBM NF3500, 1 CPU 733Mhz, 512
MB RAM)
Thank you very much
Phu Quy
Received on Tue Mar 27 2001 - 15:25:01 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:00 MST