Warning: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in ..../includes/class_bbcode.php on line 2962
Squid and home networking
Results 1 to 10 of 11

Thread: Squid and home networking

Hybrid View

  1. #1

    Question Squid and home networking

    I have a DSL router on my home networking with 3 pc's connected to this DSL. I would like to implement a Linux Squid Proxy/Web cache server on my home network, controlling the 3 pc's access to the internet.

    1) Do my Linux box need 2 network cards, one connected to the home LAN, the other connected to the DSL router?
    2) Or, can I simply redirect my users to the Linux Squid and then to the DSL router?
    3) What should my default gateway then be?
    4) What is the minimum/default setup for Squid? THere is a miriad of settings in the squid.conf file. ACL, http_access? Can I leave the rest as default and still have logging, cache etc?

    Thanks for thge help!

  2. #2
    1) Do my Linux box need 2 network cards, one connected to the home LAN, the other connected to the DSL router?
    Ans) Better to have two lan cards put one lan card and DSL lan interface on one subnet say 192.168.1.0 and use a seprate subnet for you home pc say 192.168.2.0

    What should my default gateway then be?
    Ans. while usingsquid as a caching server no need to give gateway settings as u will have proxy settings in the browser.

    its only a six line configuration to get squid up and runing the rest u can leave as default.

  3. #3
    http://www.linuxhomenetworking.com/w...ess_with_Squid
    read this and u will get whole u need.
    LASANTHA

  4. #4

    Confused



    Thanks for a great article.

    I'm stills struggling to setup squid at my home with 2 lan PC's connecting with DSL to the i-net.

    Questions: Does my squid box need 2 network cards?

    Should the setup be like this?

    Code:
         ~~~~~~~~~~~~~~~~~~~~~~~
    <--  ~(inet ip) DSL Router ~
         ~           (10.0.0.2)~
         ~~~~~~~~~~~~~~~~~~~~~~~
                             |
                          ~~~~~~~~~~~~~~~~~
                          ~(eth0 10.0.0.3)~
                          ~     squid box ~
                          ~(eth1 10.0.0.4)~
                          ~~~~~~~~~~~~~~~~~
                                  |
                               ~~~~~~~~~~~~~~
                               ~ eth Switch ~
                               ~ 10.0.0.x   ~
                               ~~~~~~~~~~~~~~
                                   |
                              LAN clients
    Thanks

  5. #5

    Smile

    thats depend on the logical thinking. If u need to do this with single network card u can. First of all u need to understand the theory behind this. Then try to apply the theory to the logic. If not u allways feel dought in every thing.
    LASANTHA

  6. #6

    Unhappy Squid not working :-<

    Thanks for all the great help.

    I did read the linuxnetworking HowTo, but, ny setup is still not working. Please help.

    I've installed a second NIC.
    eth0 is set to static 10.0.0.1 255.0.0.0 DG 10.0.0.2 (the DSL router's IP) and connected to one of the ports on the DSL router.
    eth1 is set to static 10.0.0.10 255.0.0.0 DG 10.0.0.2 and connected to the router of my local LAN (range 10.0.0.0/8)

    The contents of my squid file looks like this:
    auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd

    #Recommended minimum configuration:
    acl all src 0.0.0.0/0.0.0.0
    acl manager proto cache_object
    acl localhost src 127.0.0.1/255.255.255.255
    acl to_localhost dst 127.0.0.0/8
    acl SSL_ports port 443
    acl Safe_ports port 80 # http
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl CONNECT method CONNECT
    acl home_network src 10.0.0.0/8
    acl BadSites dstdomain "usr/local/etc/restricted-sites.squid"
    acl ncsa_users proxy_auth REQUIRED

    http_access allow ncsa_users
    http_access allow manager localhost
    http_access deny manager
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access deny to_localhost
    http_access deny BadSites
    http_access allow home_network
    http_access allow localhost
    http_access deny all

    icp_access allow all

    http_port 3128 transparent

    hierarchy_stoplist cgi-bin ?

    acl QUERY urlpath_regex cgi-bin \?
    cache deny QUERY

    access_log /var/log/squid/access.log squid

    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern . 0 20% 4320

    acl apache rep_header Server ^Apache
    broken_vary_encoding allow apache

    visible_hostname localhost

    coredump_dir /var/spool/squid
    I've left a lot of the settings on default. I've followed a lot of the recommendations from an article on Linux Home networking (http://www.linuxhomenetworking.com/w...ess_with_Squid).

    My problems were:
    1) I've lost internet connectivity from the squid box as well as from all the clients.
    2) The squid's network config seemed as if it was losing an IP. When I ifconfiged, it showed as set above. After pinging several ips in my network, ifconfig suddenly reported eth1 as 169.254 ip (apipa address). How and/or why does eth1's static IP get changed to an APIPA address?
    3) Is my default gateway correct as being the DSL router (10.0.0.2).
    4) Should the proxy settings in my clients browsers be eth1 (internal) or eth0 (dsl router)?
    5) Do I need to set iptables and firewall as described in above article? I don't need to use transparant proxy?
    6) Where do I change the hostname of my squid box, which is now set to localhost?
    7) Will someone also confirm that my squid.conf is correct. I did setup the ncsa_authorisations.

    Thanks for all the help so long.

  7. #7
    same problem

  8. #8
    Quote Originally Posted by doing143 View Post
    same problem
    I am also having the same problem with exactly the same setup as you topology wise.
    My XP machine 192.168.1.3 Gateway 192.168.1.1 static should be able to ping my eth2 (local traffic) 192.168.1.5 DHCP (router) but for some reason it won't.
    I do however have an internet connection on my Linux box running through eth1 (192.168.1.6) do I need to setup masquarding? I am using SUSE 10.3 and I do have this option checked in the security/firewall settings in Yast. Due to using SUSE there is also a problem with using the ip tables command and I wondered if there is a way to identify if settings are deffinatly applied that I am executing from script in bash.
    Should I disable DHCP on my router and allow the gateway to assign address or should i use them as static.

  9. #9
    Don't worry problem solved. Turns out it was a problem with my pinger helper the whole time.
    Fortunatly this is well document everywhere.,

  10. #10
    Advisor beezlebubsbum's Avatar
    Join Date
    May 2004
    Location
    Australia
    Posts
    735
    woot problem solved!
    My Website: http://ttgale.com
    My Website Uptime: http://img.uptimeprj.com/holastickbo...dee9bae2e2.png
    My Server Specs: AMD Athlon X2 3800+, 2gb DDR2 RAM, 1.5TB HDD, Ubuntu 9.10
    My Gaming PC: Intel Core 2 Duo 2.93ghz, 4gb DDR2 RAM, 9800GTX+

Similar Threads

  1. Squid/Networking
    By mrbronz in forum Linux - Hardware, Networking & Security
    Replies: 1
    Last Post: 01-05-2012, 04:22 AM
  2. Home networking, how?
    By corekernel in forum Windows - General Topics
    Replies: 4
    Last Post: 01-22-2007, 09:50 PM
  3. home networking
    By deepa in forum Linux - Hardware, Networking & Security
    Replies: 1
    Last Post: 11-01-2006, 02:06 PM
  4. Home networking fun
    By kornp in forum Linux - Hardware, Networking & Security
    Replies: 2
    Last Post: 09-19-2005, 05:10 PM
  5. Home networking problem
    By roneill in forum Linux - Hardware, Networking & Security
    Replies: 7
    Last Post: 04-11-2005, 07:03 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •