[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Transparent proxy from different networks



How are your interfaces set up? Is there any VLAN encapsulation on your
network or are they purely VPN, and if so... what kind of VPN?

A tcpdump or tshark dump would help greatly, too.

-  
James Maurice Shupe       | HermeTek Network Solutions
shupej@hermetek.com       | *NIX Consulting and Hosting
GPG signed mail preferred | http://www.hermetek.com
Plain text mail preferred | 1.866.325.6207

Key fingerprint: D484 EACC 9D0F A2A5 5277 C4A8 5704 1987 A938 DF3A

------------------------------------------------------------------------
This Email is covered by the Electronic Communications Privacy Act,
18 U.S.C. 2510-2521 and is legally privileged. The information
contained in this Email is intended only for use of the individual
or entity named above. If the reader of this message is not the intended
recipient, or the employee or agent responsible to deliver it to the
intended recipient, you are hereby notified that any dissemination,
distribution or copying of this communication is strictly prohibited.
If you have received this communication in error, please immediately
notify us by telephone 1.866.325.6207 and destroy the original message.


On Mon, 2008-10-06 at 10:05 -0500, Jason Voorhees wrote:
> Hi all:
> 
> I have a Squid running on 192.168.1.1 listening on 3128 TCP port. Users
> from 192.168.1.0/24 can browse the Internet without problems thanks to a
> REDIRECT rule in my shorewall config.
> 
> But users from differents networks (192.168.2.0/24, 192.168.3.0/24,
> etc.) can't browse the Internet. Those networks are connected to
> 192.168.1.0/24 via a VPN connection.
> 
> My redirect rule in iptables syntax is like this:
> 
> iptables -t nat -A PREROUTING -s 0.0.0.0/24 -i eth2 -p tcp --dport 80 -j
> REDIRECT --to-ports
> 
> Is there a restriction to work transparent proxy for other networks
> different from 192.168.1.0/24? Do I have to configure squid to listen on
> each range o network addresses?
> 
> Thanks
> 
> 

Attachment: signature.asc
Description: This is a digitally signed message part


Reply to: