[squid-users] Re: [Bulk] [squid-users] Is Browsing possible in 2 different subnets with out common gateway from Ghislain Garcon on 2005-10-28 (squid-users)

From: Ghislain Garcon <gigi_8439@dont-contact.us>
Date: Fri, 28 Oct 2005 09:27:54 +0200

Oky, then you need absolutely a gateway. A simple Linux with an Iptables
in order to slow down virus broadcasting, the ip_forward kernel option.

acl localnet src 192.168.1.0/255.255.255.0
http_access allow localnet

is enough to give access for all yours clients.

Ghislain Garçon

Geetha Thanu a écrit :
> Thank you for your reply.
> I have installed squid where internet is accessable.
> Now all my systems both PCs and servers are in the
> same subnet and squid is also working fine.
>
> since we are just setting up the LAN in our new
> building we are yet to get VLAN switches, antivirus
> etc..etc..
>
> Because of this when a PC gets affected by virus it is
> broadcasting continously and the entire network get
> blocked.
>
> so i am thinking of making all the PC in to separate
> network and just give permission only in squid to a
> particular port so that browsing is possible for the
> clients in other subnet.
>
> I tried out the same lines in squid.conf, but i am
> unable to browse from other network. pls suggest me
> with some solution.
>
> or
> should i have to configure gateway (a linux machine)
> surely.
>
> Thanks
> Geetha
>
>
> --- Ghislain Garcon <gigi_8439@yahoo.fr> wrote:
>
>
>>It looks good for your squid.conf. But I think it is
>>quite strange to
>>connect two subnetworks without gateway even if you
>>have only a switch.
>>Moreover your squid must access to internet.
>>
>>Regards
>>Ghislain Garçon
>>
>>Geetha Thanu a écrit :
>>
>>>Hello all,
>>>
>>>Pls reply is it possible to do this
>>>----------------------------------
>>>I want to have all clients in subnet 192.168.1.0
>>>
>>>and
>>>
>>>all servers in 172.16.1.0 series in LAN
>>>
>>>All the clients and servers are connected in one
>>>switch
>>>and no gateway is configured.
>>>
>>>Now i have to install squid in 172.16.1.1 say in
>>
>>one
>>
>>>server.
>>>
>>>in squid.conf i want to give
>>>
>>>
>>>acl localnet src 192.168.1.0/255.255.255.0
>>
>>http_access
>>
>>>allow localnet
>>>
>>>Now with this set up can the client with
>>
>>192.168.0.0
>>
>>>series can browse internet with their proxy server
>>
>>as
>>
>>>172.16.1.1
>>>
>>>Please reply
>>>
>>>Thanks
>>>Geetha Thanu
>>>
>>>
>>>
>>>
>>
> __________________________________________________________
>
>>>Enjoy this Diwali with Y! India Click here
>>
>>http://in.promos.yahoo.com/fabmall/index.html
>>
>>
>
>
>
>
> __________________________________________________________
> Enjoy this Diwali with Y! India Click here http://in.promos.yahoo.com/fabmall/index.html
>
Received on Fri Oct 28 2005 - 01:27:57 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:05 MST