Hello!
I have a little problem with transparent proxying on our test server, and i
need some help. We have managed to make one test server, for transparent
proxying. But i can't make it work. If there is some working squid proxyes
(transparent) please advise me how to make it work.
Few questions i have to ask before you can take a closer look to my
"problem".
1. Can i run DNS server on Transparent proxy server (is there any problems
with that)?
2. Do i need wccp module for communication with cisco or i can manage that
with 2 eth. cards?
3. Can i probe my transparent proxy server if i put on my workstation
gateway 195.252.112.17?
I'll hope, that you can help me with this and give me some instruction's
how to make transparent proxy realy work. If you need any other informations
please mail me.
Thank you all. Luka
Hardware :
Intel Pentium II (Deschutes) on 350MHz clock, with cache size : 512 KB.
SDRAM is 128Mb with Swap 256Mb
Quantum UW SCSI disk's with 4Gb capacity each. (3x) mounted like this :
________________________________________________________
Filesystem 1k-blocks Used Available Use% Mounted on
/dev/sda3 4037708 587696 3241596 15% /
/dev/sdb1 4313300 17196 4073460 0% /speed/cache1
/dev/sdc1 4314416 17200 4074516 0% /speed/cache2
------------------------------------------------------------------------
---------------------------
and 3com 100MB/s ethernet card.
Software :
Linux Slackware 7 with Kernel v2.2.14
Ip adress : 195.252.112.17
broadcast : 255.255.255.0
Kernel config :
Code maturity level options :
[*] Prompt for development and/or incomplete code/drivers
Networking options :
[*] Packet socket
[ ] Kernel/User netlink socket
[*] Network firewalls
[ ] Socket Filtering
[*] Unix domain sockets
[*] TCP/IP networking
[ ] IP: multicasting
[ ] IP: advanced router
[ ] IP: kernel level autoconfiguration
[*] IP: firewalling
[*] IP: transparent proxy support
[ ] IP: masquerading
[ ] IP: optimize as router not host
[ ] IP: tunneling
[ ] IP: GRE tunnels over IP
[*] IP: aliasing support
[ ] IP: TCP syncookie support (not enabled per default)
--- (it is safe to leave these untouched)
[ ] IP: Reverse ARP
[*] IP: Allow large windows (not recommended if <16Mb of memory)
[ ] The IPv6 protocol (EXPERIMENTAL) (NEW)
[ ] The IPX protocol
[ ] Appletalk DDP
[ ] CCITT X.25 Packet Layer (EXPERIMENTAL) (NEW)
[ ] LAPB Data Link Driver (EXPERIMENTAL) (NEW)
[ ] Bridging (EXPERIMENTAL) (NEW)
[ ] 802.2 LLC (EXPERIMENTAL) (NEW)
[ ] Acorn Econet/AUN protocols (EXPERIMENTAL) (NEW)
[ ] WAN router (NEW)
[ ] Fast switching (read help!) (NEW)
[ ] Forwarding between high speed interfaces (NEW)
[ ] CPU is too slow to handle full bandwidth (NEW)
And in Squid config i have configuration like this :
http_port cache.drenik.net:80
########################################################
cache_dir ufs /speed/cache1 4000 16 256
cache_dir ufs /speed/cache2 4000 16 256
########################################################
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl all src 195.252.112.0/255.255.255.0 127.0.0.1/255.255.255.255
acl CONNECT method CONNECT
########################################################
http_access allow all
########################################################
httpd_accel_host virtual
httpd_accel_port 80 httpd_accel_with_proxy on
httpd_accel_uses_host_header on
########################################################
---- D r e n i k N e t w o r k s / Y u g o s l a v i a Luka Z. Gerzic Graphic design, prepress, html, networking home page: http://www.linux.drenik.net email: stinger@drenik.net / GSM +381 64 11 0 29 56Received on Fri Mar 17 2000 - 03:56:34 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:16 MST