> > Essentially user1 connects to proxy on NIC1 port 3128, and squid
> > queries the internet on NIC2 to bring in the data the user has
> > requested from the internet.
> >
> > user 1 ---> Nic1(squid) ----> NIC2 ----> Internet ----> NIC2 ----->
> > NIC1(squid) ---->user
> >
> > Can anyone point me in the right direction to enable this
> functionality?
> >
>
> Set NIC1 up such that it's on the same LAN as user 1. Set
> NIC2 up such
> that it's on the internet, with a default gateway that allows it to
> reach the internet. Optionally, restrict Squid so it only listens to
> the IP address assigned to NIC1.
Yep definitely setup squid to that it only listens on NIC1 using;
http_port <nic1's ip address>:3128
It's the easiest way to be sure no-one on the internet can browse your internal websites using the proxy.
Also, if there are mutliple subnets on the inside of your network you'll need to add static routes to the proxy to cover each of them. This is really nothing to do with squid, just normal routing setup in the OS.
Received on Thu Apr 30 2009 - 02:52:01 MDT
This archive was generated by hypermail 2.2.0 : Thu Apr 30 2009 - 12:00:03 MDT