-----BEGIN PGP SIGNED MESSAGE-----
Temp wrote:
>And it also cannot ping external addresses.
Ok, we gotta fix that first. Squid's only going to handle http
requests. Everything else needs to get out on its own.
>So I
>don't know why we can never mind squid for a moment?
Because proxying won't work until forwarding works. Charles' post
from a few minutes ago is a good place to start (though I think you
don't want the ".o" on the module names; just 'modprobe ip_masq_ftp').
You definitely need forwarding to work, and the important stuff in
Charles' message are the ipchains rules, and the line that echos "1"
to ip_forward. (It's true that you should add firewall rules, but
that's more complicated, so let's burn that bridge when we come to it,
as one of my coworkers is fond of saying ...)
The workstation must then point to that gateway machine as its default
gateway. Try that, and make sure you don't have the redirect rule
active for squid, or proxy settings in place on your browser. Once
we've got your workstation online, getting squid to work is trivial --
you've already done the homework on that.
- -d
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
>Behalf Of David Talkington
>Sent: Tuesday, April 03, 2001 8:00 PM
>To: [EMAIL PROTECTED]
>Subject: RE: Problem starting transparent proxy (squid)
>
>
>No, you don't need a kernel upgrade. I had thought you were trying to
>forward web requests from the gateway to some other machine, which I
>think that ipchains can't do by itself.
>
>So let's back up. Never mind squid for a moment. Can the workstation
>reach the internet? Can it ping external addresses, reach websites,
>and such, without any proxy settings? Let's establish that first, and
>then go from there. You've obviously already done quite a bit of
>reading, because the use of squid's accelerator mode in this way isn't
>exactly obvious ... so we'll get it, but we need to go one step at a
>time.
>
>
>
>_______________________________________________
>Redhat-list mailing list
>[EMAIL PROTECTED]
>https://listman.redhat.com/mailman/listinfo/redhat-list
>
- --
David Talkington
http://www.spotnet.org
PGP key: http://www.prairienet.org/~dtalk/dt000823.asc
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
Comment: Made with pgp4pine 1.75-6
iQEVAwUBOsp/8L1ZYOtSwT+tAQEHJgf+J4jvE38kLR7wLK/KCsxV12T1D+ATQHUB
kusoP+p7bBI0Add6mT6dX3pOLi7lNeVrtBt8psr1DIQRA4WLPzwH2SZZl3E51j9j
wfudtwYczzp3YRS+1cSXzlIu+s3v8++NWiKg75l7/RgaA4tJHVgTY7+DopA5vVdg
l6fIa6mAYO/zgSbYWya1qAcaPnQCxztfHEljW5McASZI/ZZFktDT990b6LG4skPD
ZtZxtzSdRBPMqND3ucOLfWMOTy0s1zHFtLK0v03TGe5xbVzHcsfvvoep9jnJYvcp
wEg/VZlwqk8kNlhsMczMrnggIIVwHMyYza3DmYWm7qQyd97Xqgz8MQ==
=KZ5m
-----END PGP SIGNATURE-----
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
