[squid-users] Squid as Bridge
dear friends, i m looking to deploy a linux server that reside between the network internet. my router has the LAN side IP as 192.168.1.1/20 its DHCP puts gateway as 192.168.1.1 with DNS1 DNS2 IPs on the internal LAN. i only want to setup squid in this linux server that can work as web cache firewall with content blocking, in such a way that we dont have to make any changes in client systems or use any proxy config. in browsers. it should work with same gateway dns settings. can any1 help me out? bye
[squid-users] bandwith restriction
Hi, I want to use delay pool to limiting per host/ip in my network.We have 200 users in my organization.And i want to restrict them by each host/ip. please guide me for that. How to use delay pool for my requirement? Thanks, Benjo
Re: [squid-users] Squid as Bridge
On 18/06/11 14:29, ondemandemails wrote: dear friends, i m looking to deploy a linux server that reside between the network internet. my router has the LAN side IP as 192.168.1.1/20 its DHCP puts gateway as 192.168.1.1 with DNS1 DNS2 IPs on the internal LAN. i only want to setup squid in this linux server that can work as web cache firewall with content blocking, in such a way that we dont have to make any changes in client systems or use any proxy config. in browsers. it should work with same gateway dns settings. can any1 help me out? bye Set up a bridging firewall with a transparent squid set up on an IP local to the firewall? This page is about 4 years old but it should still be relevant: http://teklimbu.wordpress.com/2007/10/11/running-a-transparent-linux-squid-bridge/ Alex
RE: [squid-users] bandwith restriction
Hi Benjo, To be able to shape per ip per subnets you will need to use delay pools as follows: (I am using this on squid 2.7) Delay_pools 1 Delay_class 1 2 Delay_parameters 1 -1/-1 64000/64000 (this shapes ur traffic for 512kbps/user) Acl throttle_subnet1 src 192.168.x.x/24 Delay_access 1 allow throttle_subnet1 Delay_access 1 deny all Take care banjo that for order for this to work all your client ips must hit the cache directly and not reach the cache through a nat rule otherwise your squid will see that all your web traffic is coming from one single ip and thus it will shape all your inner lan traffic as one ip and thus all your inner will be shaped to just 512kbps. Hope this is clear enough for you. Sincerely, Ragheb Rustom Smart Telecom S.A.R.L Sin el fil Highway Mirna Chalouhi Center - 8th Floor Beirut, Lebanon Telefax: +961-1-491582 Mobile: +961-3-286282 Email: rag...@smartelecom.org -Original Message- From: benjamin fernandis [mailto:benjo11...@gmail.com] Sent: Saturday, June 18, 2011 7:02 PM To: squid-users@squid-cache.org Subject: [squid-users] bandwith restriction Hi, I want to use delay pool to limiting per host/ip in my network.We have 200 users in my organization.And i want to restrict them by each host/ip. please guide me for that. How to use delay pool for my requirement? Thanks, Benjo
Re: [squid-users] bandwith restriction
Hi Ragheb, Thanks for your quick response. == Take care banjo that for order for this to work all your client ips must hit the cache directly and not reach the cache through a nat rule otherwise your squid will see that all your web traffic is coming from one single ip and thus it will shape all your inner lan traffic as one ip and thus all your inner will be shaped to just 512kbps. = currently my squid 3.1 is running in transparent mode.and i used iptables rules to transfer port 80 traffic to port 3128(squid port).That is ok. Is there any change required with my existing setup to achieve delay pool facility. And yes i also added iptables postrouting masquerade rules for other traffic. Kindly suggest me with your assumption for the same. Thanks, Benjo