I'm having an issue on multiple Lucid boxes where I can't get proxy ARP to work. This is to be used in conjunction with openswan IPSec. I've enabled forwarding and disabled sending/accepting ICMP redirects for each interface as per openswan's requirements. I've added the proxy arp lines for all, default, eth0, and lo to sysctl.conf:
Code:
net.ipv4.conf.eth0.proxy_arp = 1
I then connect the IPSec client, and I have connectivity to the server. When I try to ping (or otherwise access) something else on its subnet, I reach the intended target, but then it ARPs for the sending machine, and the Ubuntu server doesn't respond to the ARP.
I have an ARP entry that looks like this, added via arp -s 192.168.254.100 -D eth0 -i eth0 pub:
Address: 192.168.254.100 (the correct virtual IP for the client)
HWtype: *
HWaddress: <from_interface>
Flags Mask: MP
Iface: eth0
Best I can tell, everything is in order... I can listen in with wireshark on the server and see that it's receiving the ARPs, but I can't get it to respond to them.
I want to use PAC file as I work with multiple networks. But this is not working for me. Following is the code of my pac file. Can someone tell me what's wrong with it?
Code: function FindProxyForURL(url, host) { if (isInNet(myIpAddress(), "10.6.0.0", "255.255.0.0")) { return "PROXY myproxy:port"; } return "DIRECT" ; } Browser I use Firefox and platform Ubuntu.
I was having trouble getting update-manager to work behind a proxy (without authentication). I tried everything I could find in my search, including setting http_proxy environment variable, setting the System->Preferences->Network Proxy and setting the Synaptic package manager proxy settings. Nothing seemed to work.
It turns out that the problem was that the System->Preferences->Network Proxy allows "automatic" proxy (pac file), and I had used that. update-manager doesn't do anything with this setting I guess. I changed from the automatic setting to a host/port manual setting and it began working.
I suspect this qualifies as a bug. update-manager should do something more reasonable than quietly fail if the settings are for automatic - it would be really nice if it worked, and if not then an error message.
Currently my DHCP Server is working now what i want to have is auto detection of squid proxy in any browser but I still got an error in my dhcp server when I restart it.
My Config:
# DHCP configuration generated by Firestarter ddns-update-style interim; ignore client-updates;
At the moment I have a proxy and all the users have to configure it in the browser to access internet. I want to make the users able to browse even without configuring the proxy in the browser. but eventually it should be received in the proxy rather than giving an error to the user. I heard with transparent proxy I can redirect all the traffic from a particular network, to a particular host( ie my existing proxy).
I tried this using firewall rules. But then the existing proxy doesn't understand the protocol of the requests. I heard that it should be in the kind of proxy protocol.
I've setup squid proxy st time on centos 5.This is my current setup.squid.conf:Quote:acl our_networks src 192.168.10.0/24 ttp_access allow our_networksQuote:
internet -- modem -- Firewall --switch--squid proxy (192.168.10.100) --client workstation ((192.168.10.200) (client workstation is connected to the same switch as the squid proxy)
Now able to connect to the internet with Mozilla Firefox. Package Updater still not receiving updates....Opened Terminal window and logged in as root: Added following to the yum.conf file:
I am using FEDORA 11 and Squid 3. Squid configured and working perfectly but some Win XP users unable to access their mails through outlook express. can anybody guide me what should i do to enable pop/smtp ports via through nating / MASQUERADE etc..
I am trying to set up Apache and Webmin so that I can access Webmin by going to [URL]. I am using the direction at [URL] under the "Webmin In A Sub-Directory Via A Proxy" section. I had this setup working before, but I think an update of either Webmin or Apache broke it. Now, I can go the the webpage and I see the login screen. However, when I try to log in, I get an error.
Quote:
Error - No cookies
Your browser does not support cookies, which are required for this web server to work in session authentication mode I have tried adding the ProxyPassReverseCookieDomain and ProxyPassReverseCookiePath directives to my virtual host config file, but it still doesn't work.
In my college many proxy : port (like 144.16.192.245:8080)are using to get Internet connection, performance of each proxy changes, how can i decide which one is working well at particular time. is there any way to switch over them automatically?
I have configured a squid proxy server with @2 eth in different network subnet and with site blocking and extn file download blocking. One eth0 for office wired network and another eth1 is for office wireless network for laptop use for guest and visitors.
The problem is [URL] is an Indian government website, which is not working though this proxy server and the Internet Explorer is getting very slow and freezing the computer. In alternate I have configured a another test server with squid proxy with out any security and test the same. the problem is still with the all the computer in the network. The above website is perfectly working with Gateway configuration in TCP/IP properties in Network Configuration in MS Windows XP computers but through squid proxy its not working.
I've been trying to make myself anonymous, but I cant find 'Tor' anywhere, tried 'yum & kpackagekit' neither have it. I did find 'Privoxy', installed it, set proxy for HTTP and HTTPS in Firefox, but it says 'unknown proxy' when I try to use it! I've been to the Privoxy web site and read through the 'User manual', but most of it is 'geek' to me!
I just installed the Lucid server, set IP address, Default gateway and Preferred DNSs and need to be able to use apt-get. Right now this is not possible and my guess is that I have not set the proxy used in my LAN (which is 192.168.255.60:8080) cause I have no clue how to do it.I can ping every other machine locally but not on the Internet...
I am trying to set up my squid3 proxy as a transparent proxy - right now, I have to manually configure browsers to access via proxy. I understand that I have to put some rules into Iptables and also some further directives in the squid.conf.
I have a couple of specific questions. The proxy server is running on a Ubuntu 10.04 workstation and this machine also acts as a dhcp server for the network. I have just one subnet , namely 192.168.0.1-254 There is only 1 network card. Is it much easier to put in a second network card or is it just as easy to configure the existing lan card as a dual IP?
Is it necessary to configure these 2 IP's ( whether they are via 2 lan cards or dual IP on single card ) to be on different subnets. i.e ETH0 192.168.0.1 and ETH1 192.168.1.1 or is ok to have something like ETH0 192.168.0.1 and ETH1 192.168.0.254 ( where ETH0 is the one facing the LAN and ETH1 points to the modem router / switch i.e The Internet ) Where specifically do I save the Iptables rule configuration file and what must I call it ?
I've been doing some security testing in a lab environment that does not have direct internet access. It's actually a little complicated: From home to connect to my lab machine, I
1. SSH to machineA. 2. SSH from machineA to machineB
where machineB is my actual lab machine. neither machineA or machineB allow anything other than SSH, and machineB is only accessible from machineA. However, I really need to run yum on machineB. I have managed to get internet access via Firefox on machineB by creating a series of SOCKS proxy via SSH.
where machineC has internet without limits placed. This is the only way I have managed to get internet working. I tried using ssh -L all the way from machineB->machineA->machineC but it didn't work (even when setting Firefox to use http proxy). I tried using ssh -D all the way, but again that doesn't work either.
I do have access via Firefox using socks proxy. However, yum update fails to retrieve mirror list, and from what I have found I don't believe yum supports socks proxy directly. Instead, it uses http_proxy / ftp_proxy. how to get yum to go out over the SOCKS proxy I created (same one using in Firefox)? It seems like since Firefox can access the internet and everything without issues, i should be able to get yum to tunnel through the same connection to access everything.... I tried
is there a way to force wget to use a specific squid proxy when making connections ? - I use a squid proxy normally, but I need this specific request to go via a different one. I dont have to use wget, I just need a way to test squid's blocking rules by requesting various pages through it, this proxy is not my normally proxy on the network and so I cant rely on wget taking the environment variable.
Also, this is as part of a script, so anything that avoids editing wget config files would be best. - Perhaps curl can do this ? - currently im using the exit code of wget to determine if the connection was made.
On Ubuntu, I know that a user can set a global proxy setting (through a gui, Network Proxy) which will affect all protocols (right?). However, I have set up a server box (no gui) and would like for most of its ports to not go through a proxy. Instead, I'd only like the activity that transmission-daemon does (but not the web UI) to go through a proxy. Is this in any way possible?
I have been struggling to configure a squid proxy server on my ubuntu 11.04 VPS.
Following these instructions[URL].. it is all good BUT I don't want to have to SSH tunnel into the server. Just want to have a proxy set in my proxy server settings in firefox/chrome. Even lock the proxy to certain static IP addresses so no one else can use it except IPs I designate.
1. Can this be done without a VPN or SSH tunnel ?
2. What is the best way to put some security on the proxy server ?
I'm behind a very blocked firewall that only allows connections through port 80 and 443. I wish to ssh to my machine at home, but the port is blocked. Is there a simple server that I can run to route my ssh connection through http?
I've problems to connect my empathy trough my office proxy. I already configure my amsn to access to my hotmail account and it works but when I try to use empathy it just doesn't connect.
Recently at work, they decided to block a wonderful site I used to access all day long (Facebook) so I'd like to be able to setup a proxy server on my Ubuntu box in order to access it from here as they wisely block all the other sites that allow one to proxy. What is the best one to do, and what would I need to do in order to be able to access it from an external IP, to include unlocking what ports on my wireless router?
I'm in a hotel right now and apparently they got it blocked so that I can't download torrents or p2p. I plug straight into the lan. I don't know enough about networking. I know that torrent programs need access to certain ports to work. So is theyre firewall blocking the port? I've heard a proxy server can get around this problem for me. I don't know anything about proxy servers or how to set them up. I'm also relativly new to Ubuntu / Linux but I've already learned a great deal about it so if any of you guys could take the time to give me a quick walk through of what I need to do in order to start torrenting again
Is there a way to connect to a samba share on the other side of a dynamic ssh tunnel?I like to use ssh -D 8080 <host> to access the network on the other side of a ssh session. For applications with their own proxy settings it seem to work really nice.In this particular case I'd like to use the 'Connect to server' feature in Ubuntu to connect a samba share through the tunnel, but I can't figure out how to make only that connecton use proxy settings.If I enforce system wide proxy settings the ssh tunnel will die, so that is not an option.
I just can't set any proxy settings in Gnome 3 Network settings. Is it a bug or...? I installed Ubuntu 11.04 and then used a PPA to install Gnome 3. Some other "problem" is I can't set single click opening of folders...
We use an authenticated proxy in my university.I am not able to add repos by sudo apt-get-add-repository.I get the following error(for firefox for example) Error reading https://launchpad.net/api/1.0/~mozil.../firefox-next: <urlopen error [Errno 111] Connection refused>
I have tried ti change the port by this method[URL].. But it didn't work out.apt-get update and upgrade work fine.Adding repos worked fine at home. Kinda new to Ubuntu(really loving it by the way),so please give a bit elaborate explanations
I need to set up network proxy for Ubuntu 10.04 LTS (system->prefernces->network proxy)? In fact I can connect to internet using a modem without worrying about it but will it be better if I do? In firefox, should I edit proxy setting? the options are: no proxy, auto detect proxy, use system proxy, manual proxy, and there are severl proxies like HTTP proxy etc. Does proxy setting has anything to do with security?
My company requires a proxy server that requires a manual configuration to use. Many Ubuntu apps, however, do not respect the HTTP proxy settings.Is there anyway to modify my local firewall settings to automatically forward IP traffic to the company proxies in the same way a transparent proxy might work?Would I need to set-up my own local, transparent squid proxy which itself forwards to the company proxy?
Having a bit of an issue connecting to my apache2 server. I'm running Ubuntu Server 10.04lts. I can only connect to my website via ip address global, ip address local, and the dyndns domain I have linked to my ip address. I have DMZ setup for my server with a local static address of 192.168.1.100. I can only connect to the default apache page via lan, and It wont load when I try via proxy. I need to know how to configure my router (wndr3300) so that I can connect to my server (address 192.168.1.100) and the pages from outside of my network.
