At 08:50 AM 7/6/2000 +0500, you wrote:
>I am using Squid Proxy Server (ver 2.2 Stable 4) on Redhat 6.1 for
>accessing internet. While all the clients (windows 95/98) are able to
>access internet over squid, no one is able to do an FTP or Telnet to
>Internet over squid. How can I enable squid to allow its clients to
>establish a telnet/ftp or a pop3/smtp session over internet ??
The number of times I have heard this is not funny. Each time I get a new
SysAdmin, with CISCO and MCSE certification, I have to teach him this.
Firewall != Proxy != Gateway != IP Router. I don't care if, in your old
office, you were using the same box for all this.
In particular, a Firewall is not, design wise, a Proxy; a firewall
restricts access, a proxy enhances access. Yes. Yes. Yes.
I have used Squid marginally, and IIRC, it is an excellent HTTP
cache/accelerator. Category: Proxy. I have heard of FTP modules for it
too. Asking it to do telnet is going a bit too far, you do not need a
proxy, you need a gateway. Perhaps you need to do ip-masq? NAT? Set up
ACLs in whatever you do? Use traceroute to check forwarding? There is a
ton of stuff to check before your network will work right; I could send you
a few commands which work for me, but are very likely not going to work for
you.
Now the simple, short, most likely wrong answer to George's problem:
1 On the Linux, ipmasqadm; replace 192.168.200 with your local net
address:
ipfwadm -F -e -a masquerade -S 192.168.200.0/255.255.255.0 -D 0.0.0.0/0
2 On the '98s, Default Gateway.
-- Ghane
The mailing list archives are available at
http://lists.linux-india.org/cgi-bin/wilma/linux-delhi/
