Re: [squid-users] tproxy first time implementation on squid.

2017-10-22 Thread Alex K 
You might be missing a NAT at last node before the packet is left to
Internet otherwise you need a public IP at the windows client.

On Oct 22, 2017 19:08, "Hanoch Hanoch K"  wrote:

> Hi
> I am trying to configure tproxy to expose the ip address i am using to
> internet sites and not the ip address of the squid server.
> I did read the wiki from the squid web site and acted upon.
> the environment i am using is test and i will need to deploy it into
> producton when test will work and all the subject will be clear to me.
> so the server is ubuntu 14.04.
> squid was compiled with netfilter prefix.
> the kernel is new and seems to have built in support in the tproxy.
> iptables rules where created as the wiki request.
> route option had been applied and the sysctl was configured as requested
> by the wiki.
> the client is windows 7 vmware vm and also the server is vmware vm with 2
> ethernet adapters.
> one of  the interfaces connect the windows 7 and one having ip from the
> built in dhcp server at the router and it is the internet interface.
> the server and the client both behind router and all have private ip.
> till now the setup.
> the problem is when I try to surf with this configuration i get time out.
> at the wiki it says it is routing problem.
> but digging the logs i do not understand where is my mistake.
> can i use this configuration? lets say can i send ip like 10.0.0.2 to be
> discovered at internet?
> is this configuration is legal?
> do not i need public ip on all the interfaces?
> if not what is wrong.
> i will be happy to supply any log or conf file.
> please try to help me.
>
> ___
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
>
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] tproxy first time implementation on squid.

2017-10-22 Thread Hanoch Hanoch K 
Hi
I am trying to configure tproxy to expose the ip address i am using to
internet sites and not the ip address of the squid server.
I did read the wiki from the squid web site and acted upon.
the environment i am using is test and i will need to deploy it into
producton when test will work and all the subject will be clear to me.
so the server is ubuntu 14.04.
squid was compiled with netfilter prefix.
the kernel is new and seems to have built in support in the tproxy.
iptables rules where created as the wiki request.
route option had been applied and the sysctl was configured as requested by
the wiki.
the client is windows 7 vmware vm and also the server is vmware vm with 2
ethernet adapters.
one of  the interfaces connect the windows 7 and one having ip from the
built in dhcp server at the router and it is the internet interface.
the server and the client both behind router and all have private ip.
till now the setup.
the problem is when I try to surf with this configuration i get time out.
at the wiki it says it is routing problem.
but digging the logs i do not understand where is my mistake.
can i use this configuration? lets say can i send ip like 10.0.0.2 to be
discovered at internet?
is this configuration is legal?
do not i need public ip on all the interfaces?
if not what is wrong.
i will be happy to supply any log or conf file.
please try to help me.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users