On 15-03-2010 at 14:42, Henrik Nordström wrote:
> Mon 2010-03-15 at 14:00 +0100, Hubert Choma wrote:
>
> > iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
> > Is it a correct iptables rule?
>
> Is eth0 the interface where client traffic is arriving?
>
> If you are using wccp then the interface is usually a gre interface, not
> ethx..
>
> Regards
> Henrik
Hello Henrik, thanks for the help!
I don't use WCCP; eth0 is the interface for WAN. Yes, you are right: when
eth0 is set, my site doesn't work from the WAN side and the LAN side. I
changed it from eth0 to eth1:
iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080
but sites take very long to load!!
My topology:
UTM Router 192.168.1.1----->eth0 192.168.1.2 (services for WAN
apache,FTP)---->eth1 192.168.0.1(on eth1 works squid 192.168.0.1:8080 as
transparent proxy)---LAN XP clients 192.168.0.0/24
So I have 2 NATs:
First: the UTM router
Second: Linux (CentOS router with Apache, FTP and Squid services)
I would like to set up Squid as a transparent proxy for LAN clients.
I have a few doubts:
1) Squid uses DNS from resolv.conf, so I have 3 nameservers:
nameserver 194.204.152.34 first dns from internet provider (DSL)
nameserver 194.204.159.1 second dns
nameserver 192.168.1.1 (UTM router)
My public IP 83.18.17.30 is assigned to the domain geodezja.wolomin.pl,
so what entries should I use in /etc/hosts? The CentOS machine's hostname is
proliant.
I have 2 NICs and 1 hostname=proliant, so I think maybe it is a problem
with correct resolution of internal LAN names. Look at my /etc/hosts.
What should valid entries look like for the ProLiant machine with 2
NICs?
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost proliant
192.168.1.2 proliant
192.168.0.1 proliant.geodezja.wolomin.pl proliant
#83.18.17.30 geodezja.wolomin.pl proliant
192.168.0.2 sm2
192.168.0.3 sm3
192.168.0.4 sm4
192.168.0.6 sm19
192.168.0.8 sm9
::1 localhost6.localdomain6 localhost6
2) Maybe it's an iptables problem?
I still get an error with /etc/init.d/squid start [failed] and in the logs
there are no warnings or errors!?
Sorry for my English.
PLEASE HELP!
Received on Mon Mar 15 2010 - 17:00:40 MDT