My netowrk interface:
My iptable T1:
http traffic not follow the iptables. sometime via eth1 or eth2
After squid.conf added "tcp_outgoing_address wan1's gateway" it worked correctly
Why? what squid do?
The http traffic:
Why iptables can't not control the traffic
I want creat the tables T2 =>for load balancer
How to make squid route follow this table
How To: Load Balancing & Failover With Dual/ Multi WAN on Linux proxy server I have 3 WANs connection (2 ADSL and 1 Wimax). And 30 clients on LAN.
eth0 connect with Wimax
ip= 172.23.x.x
eth1 connect with ADSL1
ip=10.10.6.x
eth2 connect with ADSL2
ip= 10.10.5.x
eth3 connect with LAN
ip=192.168.1.x
how to do Load Balancing & Failover With Dual/ Multi WAN on Linux proxy server.
I have a network with two WAN links. One link is supposed to be for Senior Management and the other for the rest of the company. Currently all traffic seems to be going via one WAN link.
Is it possible to setup squid to select the link to use by checking the mac address of the requesting computer
I am using haproxy for the first time.I downloaded the latest version 1.4.7 and then unpacked it.then opened the terminal and wrote the command
After which an executable haproxy file was created which I copied to /usr/local/sbin. then i wrote $sudo make install. then I make a configuration file in /etc/haproxy.cfg which is as follows
But it's not working it is various kind of errors intially it was showing "cannot bind to socket" so tried changing the port number but didn't help. I also used command like $sudo sysctl net.ipv4.ip_nonlocal_bind=1 But didn't help.
I am working on a load balancing project. The type of routing I am implementing is direct routing (LVS-DIR).
The following is a script that sets up the Linux Virtual Server (LVS) or the load balancer:
On both, the LVS and Real Server 1, the firewalls (iptables) are not running.
A few questions I have are:
1) On the LVS, is apache supposed to be running?
2) If so, what would be the ServerName for apache on the LVS?
3) What would be the ServerName for apache on the real server1, is it the server real IP or the VIP?
When I try to access the web content on real server1 in a browser on the LVS, I get Failed to Connect. A connection to the server cannot be established.
The load balancer has two NICS, eth0 and eth1. The real servers will connect to the load balancer via eth1, and the client will connect via eth0.
I have set up one of my linux box as link load balancer for two ADSL connection. After deployment, I have found out that instead of being fast, it has become slow. What I have observed that my request get out to internet but comes back intermittently. Is this a standard scenario ?
View 1 Replies View RelatedMy requirement is to route ssh sessions from a single head node to multiple slave nodes. So what i want is, for a client there is just one point of entry (master/head node) to ssh into, it evaluates the load on the slave nodes connected on to internal network and routes the ssh session, kind of a ssh load balancer. Do you have any idea what open source solution i can apply for my problem?
I have tried using LVS piranha, it works well for http and https load balancing but not for ssh load balancing.
Currently my DHCP Server is working now what i want to have is auto detection of squid proxy in any browser but I still got an error in my dhcp server when I restart it.
My Config:
# DHCP configuration generated by Firestarter
ddns-update-style interim;
ignore client-updates;
[code]....
I'm trying to setup a linux box with 3 NICs (2 WAN links and 1 LAN). All http traffic (port 80) should go to WAN 1 via squid proxy and the rest to WAN 2. I already setup MASQUERADING in iptables and I already configured port 80 to redirect to port 3128 for squid. My default gateway is WAN 2. But the problem is squid uses the default gateway - WAN2. setting up the iptables / routing for squid to use WAN 1?
View 7 Replies View RelatedHow to configure load balancer to create a 4 server web farm.
View 1 Replies View RelatedI am trying to set up squid to make switching proxies easier. I have a laptop which I use at work and at home. At work, I need to connect to the internet via a authenticated proxy. At home, I connect directly to via mobile broadband. So I end up switching proxy settings twice daily, which is just irritating! To solve this I want to set up a system whereby I never have to worry about a proxy - my browser sees a direct internet connection which squid (on my computer) intercepts and forwards either to the mobile broadband connection or to the work proxy (along with the required authentication) depending on which is available. I've read various articles on how to do clever things with iptables and squid, but I don't understand enough of the networking jargon or concepts to know when I need to change to make it work in my situation, or if it is even possible.
View 2 Replies View RelatedI need to block some of my sites with SQUID Proxy. I added following lines to my SQUID configuration file but still the site remains unblocked.How to block it?
acl blocksites url_regex yahoo http_access deny blocksites
I have also tried saving some url & filter content in a file and edited configuration as follows,
acl blocksites url_regex "/etc/squid/squid-block.acl" http_access deny blocksites
The squid-block.acl file contents are, .cricinfo.com mp3
I have set up squid3 and dhcp server on my Ubuntu 10.04 box with IP address of 192.168.0.160. Single network card.Squid runs on port 3148. Everything works fine for the users provided that I set up the proxy details manually on each client pc.I want to set up the Squid to run as a transparent proxy and after reading around I have done the following.In the Squid3 conf file I have entered http_port 3148 transparent.Dropping to Root ( sudo -i )However the transparent proxy does not work and if I enter iptables -L I can see that the rule above has not been retained. The default rules in iptables only show up.
View 5 Replies View RelatedWe have two offices suppose A and B. At office A, we use centos 5.3 computer as router and squid proxy server. At office B we use a cisco router to connect to Internet. Computers at office A that has direct access to Internet can access computers behind cisco router at office B using vnc viewer. But computers at office A that can use internet only through squid proxy can't access computers behind cisco router at office B. Is there any way so that I could allow squid clients to access computer behind cisco router at office B using vnc viewer.
View 3 Replies View RelatedI need to install web proxy on my VPS, means, i'll get ip:port (without login and password) to add on firefox and to connect throught that Proxy ....
I have successfully installed Squid (with the command line : yum install squid)
Now, i need to know how to change squid.conf to be able to use that ip:port on firefox .
I am trying to setup a High-Availability HTTP Load Balancer With HAProxy & Heartbeat using the below links.
I have all RHEL 5.4 servers hosted on VMWare.
[url]
[url]
This is the scenario, as given in the links as wells as my setup.
Load Balancer 1
Load Balancer 2
Web Server 1
Web Server 2
I have followed all the steps mentioned in the links religiously except the 2.2 here, in which it is asking to configure the vhosts. I could not really understand , what is to be placed in /etc/httpd/conf.d/vhosts.conf file and in which Web Server.
Due to this step only, I think I am failing in Failover test given in Point 4.1 here. I am able to open the webpage by [url] which gives the content of Web Server 1 (http1.example.com). But, when I try to shutdown the http service (to check failover), it does not shows the contents of Web Server 2 (http2.example.com)
Although, I am able to succeed in Failover Test 4.2, in which shared IP 192.168.0.120 switches when I try to start/stop the any of the Load Balancers.
I would like to ask some help and tutorial for setting up and how to configure squid proxy server in my (Home PC Server). I am a newbie in Linux Centos. I already installed in my system the CentOS 5.5 . Now, I want to configure it as my internet server, all of my 4 system running in Windows including the laptop I want to connect through my CentOS pc with username authentication. I assign all IP address by static. see tthe attachement in my set up. [url] I just want to know what I need to change and add in my squid config file. And how can I configure properly my CentOS with 2 LAN card as internet server.
View 1 Replies View RelatedI've problem with configuring transparent proxy on Fedora v13 was checking with several examples, last one from here on router (cisco 1812) everything seems ok, think there is a problem with Linux
Squid machine and router 'see each other'
Code:
While try to open web page, on GRE there is:
Code:
But when want to see what hapenning in tunnel between router and squid - there nothing...squid configuration is ok - was checking before try to make it transparent.
I need to block some of my sites with SQUID Proxy. I added following lines to my SQUID configuration file but still the site remains unblocked.How to block it?acl blocksites url_regex yahoohttp_access deny blocksitesI have also tried saving some url & filter content in a file and edited configuration as follows,acl blocksites url_regex "/etc/squid/squid-block.acl"http_access deny blocksitesThe squid-block.acl file contents are.cricinfo.commp3
View 2 Replies View RelatedI need to create two Access Control Lists for my networks using SQUID proxy. The ip address range from 165.165.42.10 to 165.165.42.50 for one network and from 165.165.42.60 to 165.165.42.90 for another network. How can I make it?
View 2 Replies View RelatedHow to configure SQUID proxy server in ubuntu 9.10 ?
View 7 Replies View Relatedhow-to configure squid proxy server. I still haven't been able to find a solution. I want to set up squid as a open http proxy server. So people from other networks can connect through the proxy without having to login.Do I have to use iptables to reroute http traffic to squids proxy port? I have forwarded the port in my ISP modem so I know thats working, its the squid config that has flaws or iptables locally.
View 1 Replies View RelatedI have Squid Version 3.0 PRE5 installed on debian etch.Howto exclude some URL from the proxy caching at squid.conf ?
View 5 Replies View RelatedNeed a bit of help from the linux community. Lately, I have been trying to configure squid as transparent proxy on my server running on RHEL5. I had gone through few articles on web abt how to configure it and configured squid accordingly adding http_accel_xyz settings and then configuring the NAT using iptables. But while restarting squid there were warnings about "unrecognized: http_accel_..." in parseConfigFile.What I could get from these is that probably I need to recompile squid adding transparent proxy support. I downloaded the new squid 3.0 and tried to compile it.But unfortunately, the 'make' command fails giving library errors.I have been stuck with t now as the new squid does not compile and old one does not support the transparent mode.could compile the new one and what supporting libraries do I need to compile it successfully and also from where can
View 7 Replies View RelatedMy network is:
ISP --> SonicWALL--> Proxy --> LAN
Currently Sonicwall is running VPN, DHCP, port forwarding etc.. in a range of 10.0.0.0/24 and I have tried to configure Squid Proxy for content filtering (using squid 3 Transparent mode on Fedora 10 and Iptables). Now I need to implement the proxy over my network without changing the SonicWALL current settings (VPN, Port forwarding and DHCP).
I need to set up an ip table and a transparent squid proxy as followed: I have 3 machine: Machine 1 works as a squid proxy. It has 2 interface eth1 and eth2.
eth1: 192.168.99.2 (Connect to eth1 of machine 2)
eth2: 192.168.98.2 (Connect to eth1 of machine 3)
machine 2 works as a webserver
eth1: 192.168.99.4
machine 3 works as a web client.
eth1: 192.168.98.4
my responsibility is to send all tcp traffic from machine 3 at port 80 to my squid proxy. In order to fulfill the tasks, I have edited the squid.conf as followed: Code: http_access allow localnet http_access allow localhost and in machine 1, I tried 2 ip tables command: Code: iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j DNAT --to 192.168.99.2:80 iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 80 I don't know if it is right or wrong.
My skill in fedora linux is all acquired by reading online and trial and error. I manage to set up my squid 3.0 proxy server in fedora 11. It is working smoothly as I wanted it to be. I have one client who is running bittorrent that drags all the bandwidth of our network.The problem is I cant make my server work tranparently. I want to make transparent proxy so that it can support my wireless router and I want to control the bandwidth to a fair level for everyone without them knowing.
Please somebody help me configure iptables in step by step, specifically in fedora 11. And all other necessary configuration needed to run my transparent squid 3.0 proxy in fedora 11.I know there's a lot of Linux Genius here that can help. Please help me I needed it badly.
I'm looking to setup a web proxy using squid.I already have a hardware firewall NAT'ing device that all the connections go through.I'm planning to install the squid web proxy on a VM (single nic) and place it behind the hardware firewall as below:internet -- modem -- Firewall --switch--squid proxy (192.168.10.100)--client workstation ((192.168.10.200)(client workstation is connected to the same switch as the squid proxy)And on the client workstation's Internet Explorer: Tools->Options->Connection-Lan Settings and check the box for "Use a proxy server for your LAN then type the address of the squid proxy (192.168.10.100) and set the port to 3128. Check the box for Bypass proxy server for local addresses.
View 1 Replies View RelatedI am using Fedora Core 9.0 and Squid Cache: Version 3.0.STABLE2 .
Now i am trying to use the squid as a proxy server but its not working its giving error like this ...
While trying to retrieve the URL: /
The following error was encountered:
Invalid URL Some aspect of the requested URL is incorrect.
Possible problems:
Here is my squid.conf
While trying to retrieve the URL: /
I have also try to forward the traffic coming on 3128 to 80 but its not working:
I use ssh to port forward my browser(firefox) using SOCKS to a "server"(ubuntu desktop with ssh ) I have in the UK, to watch iplayer etc wen traveling... I forward port 1024 (default port for SOCKS? **mite b untrue..). the "server" is running ubuntu 11.04.
could i set up a transparent proxy(squid) on the "server" in the hope tht it speeds up the connection etc... my thot was get squid to listen on port 1024, or set up the ssh port forwarding to the squid port... would tht work? is the a better/different way to do it? the issue is tht sometimes the ssh connection can b slow at times
