[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 7/10/06, Miles Brennan <[email protected]> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Ankush Grover wrote:
> hey friends,
>
> I want to configure transparent proxy on squid for my company on FC3.
> For time being I am  testing the configuration on the test machines.
> The testing machines consists of a laptop on which Windows 98 is
> running and a machine on which FC3 is running with 2 Lan Cards.
>
> The ipaddresses of the LAN cards are
>
> eth0:   192.168.1.129  subnetmask 255.255.255.0
> eth1:   192.168.1.130   subnetmask  255.255.255.0
>
> Windows 98 machine is having only one LAN Card
>
> eth0:  192.168.1.151 subnetmask 255.255.255.0
>
> Windows 98 (eth0) and FC3 (eth1) are connected to each other through
> cross cable and the FC3 eth0 is connected to the rest of the network
> of the company.
>
> Now the problem is that both the PCs are not able to ping each other
> (Windows 98 & FC3). But If I disable eth0 on FC3 then both are able to
> ping each other but not when eth0 is active on FC3. I have defined
> GATEWAY=192.168.1.110 under /etc/sysconfig/network.
> SELinux is off on FC3 and iptables are also not configured.
>
> Please guide me how to configure networking between FC3 and Windows 98.
>
> Thanks & Regards
>
> Ankush Grover
>

Ankush,

Your FC3 system is configured incorrectly with the rest of your network.

Firstly, both of your FC3 network cards are on the same subnet
(192.168.1/24), so they won't route anything; hence the erratic network
behavior.

Your default gateway (192.168.1.110) is connected to your FC3 eth0. As
far as the FC3 system is concerned, it will send all data out of the
eth0 NIC, so all ping requests/responses are not being sent to your
Win98 box. That's why it only works when you disable the FC3 eth1
interface (they are both on the same network, that's bad).

If you want your FC3 system to act as a router (or transparent proxy),
then change:

        FC3 eth1 --> 192.168.2. something
        W98 eth0 --> 192.168.2. something else
        Subnet:      255.255.255.0

(W98 box needs to point to FC3 eth1 as it's default gateway.)

Then enable packet forwarding...

echo 1 > /proc/sys/net/ipv4/ip_forward

However, if you want to configure transparent proxy, you don't need to
enable port forwarding, you need to redirect all outbound HTTP requests
to the Squid port. This can be done with a simple iptables rule on your
FC3 box:

iptables -t nat -A PREROUTING -i eth1 -s 192.168.2.0/24 -p tcp --dport
80 -j REDIRECT --to-port 3128

hey,

Is it necessary that the clients connecting to the eth1 on the FC3
should be on the different subnet than the eth0?

Is it possible to keep both the ethernet cards on the same subnet and
transparent proxy should work efficiently ?

Thanks & Regards

Ankush Grover


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]
  Powered by Linux