So let me get this straight. You use the squid box as default gateway for your
internal machines even though it only has one NIC, and then you have the
router as default gateway for the squid.
And you say it drops "some" packages, but not all.
Which packages does it drop?

 Correct. I also have it set up so that my internal web servers don't
 get "squidded".
 It seems to have dropped the initial http requests to my internal web
 but eventually let them through, resulting in an initial delay of
 a second or two.

But I have to say, I've never had much luck with implementing a router with
only one NIC, on any platform. Your squid box is effectively a router, and as
such should have two NICs.

 Well it works just fine with only one :)
 It's not really a router either since for all non http traffic it
 only sees the outgoing traffic. All returning goes straight to
 the clients since there's no masquerading going on.

 I have now ditched SuSEfirewall2 and gone back to using my own fw ruleset
 and now it's up and running.
 The only problem I got by that is that the /proc/sys/net/ipv4/ip_forward
 got set to 0. I checked that boot.ipconfig set it to 1 and even made
 an entry in sysctl.conf but something later on in the startup routine
 still changed it. I ended up having to set it in my fw-script startup.

 - Peder
