Networking :: Redirecting Ssl Requests With Squid?

Feb 24, 2010

say i have an apache server configured for ssl/non ssl virtual hosts and a proxy configured as follows (see squid.conf)the ssl on each name based virtual host is configured on its own port (only 7 of the domains need this the rest are just media and other insignificant bits of data but domains 1-7 contain forms that require specific personal information that may be technically illegal to transmit without encryption)if any additional information is needed just let me know

domain1 is port 443
domain2 is port 444
domain3 is port 445

[code]....

View 2 Replies


ADVERTISEMENT

Server :: IPTABLES Port Redirecting To SQUID

Jul 12, 2011

i've got a software that uses a specific tcp port e.g 11111. i want to redirect all the traffic from 11111 to squid port 3128. i'm using the following commands to redirecting:

iptables -t nat -A PREROUTING -p tcp -m tcp -i eth0 --dport 11111 -j DNAT --to 192.168.0.1:3128
iptables -A FORWARD -p tcp -m tcp -i eth0 --dport 11111 -j ACCEPT

my ubuntu server has two interfaces. eth0 is for local network (dhcp assigns ips) and eth1 is for internet. my ubuntu server acts as a gateway and as an authentication server for users.

at squid also i have the following configuration regarding my port:

acl myport port 11111 http_access allow CONNECT myport. my squid installation is not transparent as users need to authenticate in order to access the web.

my application is a windows application and of course is not working. i examined the packets with wireshark and i noticed that when the program tries to access the internet, squid replies with err_invalid_request (the packet contains that data). the program is trying to send some plain text via port 11111 and as far as i can image, somehow squid declines the data. i cant get rid off squid as i want to pass the traffic from squid. what is the problem?

View 1 Replies View Related

Server :: Squid Accepts Only HTTP Requests But Speaks FTP On The Server Side?

Apr 26, 2011

Here is my query:

Squid document says that Squid accepts only HTTP requests but speaks FTP on the server side when FTP object are requested.

We call Squid HTTP and FTP caching proxy server. Does it also caches FTP contents? Is it possible to configure FTP clients to use Squid cache? When we make an FTP request to an FTP site via Squid will it be bypassed?

View 5 Replies View Related

Networking :: Packet Redirecting To Another Interface Of The Box

Nov 19, 2010

I have to interfaces eth0(10.0.0.7) and wlan1(10.0.0.8) in my box. An application is listening (say, udp socket) at 10.0.0.7:5888.

Now if someone sends packet at 10.0.0.8:5888, I want to forward them to 10.0.0.7:5888.

I have tried this - iptables -t nat -A PREROUTING -p udp --dport 5888 -d 10.0.0.8 -j DNAT --to-destination 10.0.0.7

But Packets(with destination addr 10.0.0.8) are not received by the application (But they are received by the box, I have checked using wireshark). I have also enabled ip_forwarding.

View 1 Replies View Related

Networking :: Iptables REDIRECTing - All Outgoing Packets ?

Dec 6, 2010

I've been trying to redirect all outgoing packets (destined for a specified ip address) from my slack box back to itself. I thought this could be done with iptables, but if I fire up wireshark I can clearly see that the packets are getting out to the real server and I'm getting responses from it.

So here's what I tried:

All looks good and fine, and then I even try to visit 194.28.157.42 with firefox (by the way I am running a webserver, that is set to show a page when you visit 127.0.0.1) and I get an error page that reads: 502 Bad Gateway.

I ignored this message to see what the program I'm trying to interrupt does, and when I start wireshark and then start the program that is using that website, I can clearly see that the packets make it to the real 194.28.157.42 and get back responses.

View 1 Replies View Related

Ubuntu Networking :: NetworkManager Redirecting All Traffic Over OpenVPN?

Jan 16, 2011

I got it set up in the NetworkManager applet (imported the client.ovpn), but when I connect it sends ALL my traffic through the VPN. I would prefer all accesses to the internet go over my normal default gateway, rather then all the way through to the VPN's default gateway.When I connect through the command line:

Code:
openvpn --config client.ovpn
I don't have this problem, and accesses to the internet still go over my default gateway on

[code]...

View 1 Replies View Related

Networking :: Redirecting Packets To Virtual Machine With Iptables

Mar 16, 2011

I had been running my SMTP server with WINE, as the SMTP server software is a Windows-based program (MERCURY), but I cracked the shits with WINE and removed it. Now I am running my SMTP server in a Windows virtual machine.This virtual machine has a different IP address from my host machine, so what I need is for my computer (the host) to redirect incoming traffic on port 25 to the virtual machine at 192.168.56.101 on port 2525.Can someone please help me with it? I think its done with iptables.

View 1 Replies View Related

Networking :: IPTables - Redirecting Web Traffic To Single Transparent Proxy Server

Mar 25, 2010

I am new to iptables. We have two Squid proxy servers running in "non-transparent mode" (172.16.0.1 and 172.16.0.2). Currently users have to configure the proxy server they want to use by configuring them in their browsers. Recently I saw an example for redirecting web traffic to a single transparent proxy server.

-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3128

Can anyone modify this rule to accommodate my current setup of two proxy servers running in non-transparent mode. i.e Redirect web traffic to the 172.16.0.1-172.16.0.2 ip range.

View 2 Replies View Related

Networking :: HTTP Requests Always Go By TCP Connect Tunnel?

Aug 14, 2010

How do Http requests and responses go from a client to the server? IS a TCP Connect Tunnel always formed or is there some different mode ?

View 4 Replies View Related

Networking :: Balance The Internet Requests From LAN Using 2 Connections?

Feb 17, 2010

I have a firewall ( a pc with debian 5) with 2 internet connections. each connected to a ethernet card (the firewall has 2 ethernet pci cards so it has one connection per card)how can i balance the internet requests from my LAN using this 2 connections?

View 3 Replies View Related

Networking :: Forward All Http/https Requests ?

May 12, 2010

I have a server (Fedora 12) setup at a client's datacenter and the network is setup to allow me ssh access into the server, but prevents me from opening any connections from the server. However, I need to make http and https request from the server. What I'd like to do is forward all http/https traffic through another machine outside the network.

I've been looking at the documentation for ssh and the various options there and have gotten so far as to enable initiating an ssh connection from the client network back to my machine, but am not sure where to take it from there.

Here are some of the commands I've used so far:

Code:

I'm attempting to bind port 80 to be forwarded through the local machine. I assume I use "ssh -R" to create a dynamic tunnel to forward requests but I must be missing something.

By the way, root login via ssh is disabled.

View 5 Replies View Related

Networking :: IPTables - Inspect / Modify DNS Requests?

May 10, 2010

I'm trying to work out a way to inspect/modify dns requests as an advertising filter. Iptables is a good place to do this, but I'm having some problems disassembling the packet. On my dev box, when a DNS reply is returned from a request made on the dev box. I use this rule to route the reply packet through a queue:

iptables -A INPUT -p udp --sport 53 -j NFQUEUE --queue-num 1

Will the rule catch the inbound udp packet with the dns reply in it? I get something in the queue, but it's unintelligible when attempting to disassemble the packet. I don't want to move onto looking at my program until I get some feedback on the rule.

Here's a primitive diagram of what I'm working towards:
host ->DNS request->iptables(no outbound rules)-> DNS Server
->DNS Answer ->iptables(queue udp 53 packets)
->inspect packet program-> Allow/Deny -> host processes allowed packets

View 1 Replies View Related

Networking :: TCP Crawler Network Not Working After Many TCP Requests?

Jun 11, 2011

I have a crawler on my VPS VMWare Server (also tried it on my dedicated server). After many requests about 200.000/6h my network is gone. I use lynx to get any website outside of local network and any site is not responding - also tried to obtain IP address instead of host name - no results. I can get every local site. For example when I am on 190.24.2.1 I can obtain a page which is placed on 190.24.2.5 but obtaining 191.54.23.34 is not possible.I tried many things such as changing TCP timeouts to less, restarting virtual machine and no results. After few hours - 4-5 hours I get network working. It is not working as fast as it should but it is ok.

I am wondering where is the problem. Have I got to configure linux? Am I missing something? Maybe some router stack is blocking my ip? (Other crawlers put on same VPS are working properly, but after 6 hours they also crashes)I also notices that I can get like 30.000 web sites per hour (some with errors, some with no response, some with timeout surely) but this number decreases hour by hour and finally reaches zero.Can you help me and suggest where may ba a problem?My system: Ubuntu 10.04 LTS Server, 1GHz, 512 MB RAM, 5 MB/s.

View 1 Replies View Related

CentOS 5 Networking :: DNS Requests Go To Localhost When Made By Apache / Php

Oct 7, 2009

I'm running wordpress and have gone to the painstaking effort of setting up the ftp server on my 5.3 machine so it can do its own updates and download plugins. However, I've found that if I try to download anything, I get a "unable to resolve host..." error from the script. If I watch Iptraf while making the request, I see all the port 53 requests going to 127.0.0.1. Pings are too.

However, if I ssh in, I can ping and wget and whatever I want all day long and all the DNS requests to go the router (Clarkconnect 3.2 gateway machine). The web browser in the terminal works fine too. What is it about the php scripts that is causing them to misdirect pings and dns requests? I've never seen anything like it and can't find anything on the web about it either.

[Code]....

View 2 Replies View Related

Fedora Networking :: NetworkManager Applet Requests Keyring Password?

Apr 11, 2009

I have a FC10 installation with GNOME and NetworkManager and a wireless card. Everything works ok. However, when I try and setup gdm to do autologon I get the NetworkManager applet asking for the password for the gnome-keyring to get the wireless details. Since I want to use this machine as a sever this is unacceptable as I won't be around to type in the password. I tried the solution at [URL] but this does not work. I still get the password being requested and the keyring password is the same as the logon password. Can anyone say if there is a workaround that works to get the NetworkManager to be able to read the gnome keyring without having to prompt me for it.

View 5 Replies View Related

Ubuntu Networking :: Get Wireless Router To Forward Ftp Requests To Computer?

May 18, 2010

I'm trying to make my wireless router always give me the same ip address every boot (192.168.1.100). I do not have a static ip address from my isp.

Everything I've tried from online help has made my internet break and I'm not even sure what exactly I should be searching for on google.

Ultimately, I'm trying to get my wireless router to forward ftp requests to my computer which shares the network with an xp machine. I think this is the way to go about it.

View 8 Replies View Related

Networking :: Forward Local HTTP Requests To Remote Proxy?

May 4, 2011

How to forward local HTTP requests to remote Proxy with IPTables ?

View 1 Replies View Related

Ubuntu Networking :: 2 NICs, Server Won't Respond To Requests But Internet Works

Apr 16, 2010

I recently set up a new web/file server with 9.10 server x64 with 2 NICs and I am trying to configure eth0 to respond to my LAN for internal samba filesharing and eth1 to handle website/ftp requests on my static IP, but whenever eth0 is up the server is not accessible at 173.XX.165.65 for web or ftp but both work fine at 10.1.10.100. When eth0 is down, public IP works fine. I have set /etc/network/interfaces like this:

Code:
# The primary network interface
auto eth0
iface eth0 inet static
address 10.1.10.100

[Code].....

View 1 Replies View Related

Ubuntu Networking :: Samba Server Stops Accepting Mount Requests?

Apr 21, 2011

I'm having an issue with a Samba server running on an Ubuntu "server". Technically, it's not a server, it's just an old desktop with Ubuntu 10.04 running it..and I have a few server processes running (ProFTP, Samba, etc.)The Ubuntu server is where I store all of my important files that get backed up to a separate hard drive. I shared folders via Samba, and I use two computers to access the shares. I access the shares with an .sh file I created that uses the mount cifs command to mount to those shares.

It has been working flawlessly for a long long time, up until recently. For the past few days to a week, I will try to mount the shares with no result. In the terminal, the commands just freeze, as if the command is trying to execute, but having network issues.The only way I can get it to work is if I reboot the Ubuntu server, then it maps flawlessly. But a day later, it's back to hanging up when trying to mount.

View 4 Replies View Related

Networking :: Port Forwarding - Router - Ssh Requests Time Out - Tomato Firmware

May 18, 2010

I've managed to confirm that I can reach my home network via ssh from a remote location through my SMC Barricade when it is directly connected to the desktop machine but when the second router is put back into the chain ssh requests time out. The second router is a Linksys WRT 54GL running the Tomato firmware. The chain looks like this: ISP's router (bridged) --> Barricade -->WRT54GL-->desktop

The Barricade has port 22 forwarded to the Linksys' WAN address and it in turn forwards to the desktop address. It appears that it is a setting on the Linksys firmware that is preventing the remote connection. I've looked through the various settings many times but cannot see anything that would cause the problem.

View 4 Replies View Related

Ubuntu Networking :: DHCP Server No Longer Responses To DHCP Requests - Can't Ping Gateway

Oct 22, 2010

Back in April I set up a Ubuntu DHCP server and a multiple VLAN network [URL] to migrate our various servers, workstations, etc off the 192.168.1.1 /24 network that everything was on because we where running out of address space. I built out the new network and everything worked great except our AD server would never get an IP address from the DHCP server (static reservation) and even if I set the IP statically on the AD server it couldn't ping the gateway and noone could log in. After several attempts to resolve this, including bringing in outside help, we where never able to figure out what the problem was.

Now 6 months later I have time to revisit the issue without effecting the live network. I used Acronis and imaged the AD server last Friday, cloned it on to another box with the same hardware, and put it up on the new network that's been sitting unused for the last 6 months. Today when I statically set the IP on the AD server (which is what I want) it connects and I can ping it's gateway 192.168.1.1 and all the way across vlans to a test sales agent workstation at 192.168.8.xxx on vlan 800 but only if I statically assign the agents station an IP address. When I try to get an IP address via DHCP it fails as destination unreachable. Nothing has changed in the last 6 months on the DHCP server but now it for some reason can't ping its default gateway 192.168.1.1. All of the config files are the same as they where left from the post linked above aside from the vlan id's used where changed from 1's to 100's (i.e. vlan 3 is now vlan 300) /etc/network/interfaces

Code:

auto lo
iface lo inet loopback
auto vlan100
iface vlan100 inet static

[code]....

why it can't reach the gateway, when I do a tcpdump I can see the DHCP requests come in on eth0 but the server never responds and I'm pretty sure its because it isn't "seeing" them since it thinks there isn't a network connection but I don't know how to trouble shoot to find out where the problem lies.

View 6 Replies View Related

Ubuntu Networking :: DHCP Server No Longer Responds To DHCP Requests - Can't Ping Gateway

Jul 1, 2010

Back in April I set up a Ubuntu DHCP server and a multiple VLAN network [URL] to migrate our various servers, workstations, etc off the 192.168.1.1 /24 network that everything was on because we where running out of address space. I built out the new network and everything worked great except our AD server would never get an IP address from the DHCP server (static reservation) and even if I set the IP statically on the AD server it couldn't ping the gateway and noone could log in. After several attempts to resolve this, including bringing in outside help, we where never able to figure out what the problem was.

Now 6 months later I have time to revisit the issue without effecting the live network. I used Acronis and imaged the AD server last Friday, cloned it on to another box with the same hardware, and put it up on the new network that's been sitting unused for the last 6 months. Today when I statically set the IP on the AD server (which is what I want) it connects and I can ping it's gateway 192.168.1.1 and all the way across vlans to a test sales agent workstation at 192.168.8.xxx on vlan 800 but only if I statically assign the agents station an IP address.

When I try to get an IP address via DHCP it fails as destination unreachable. Nothing has changed in the last 6 months on the DHCP server but now it for some reason can't ping its default gateway 192.168.1.1. All of the config files are the same as they where left from the post linked above aside from the vlan id's used where changed from 1's to 100's (i.e. vlan 3 is now vlan 300) /etc/network/interfaces

Code:

auto lo
iface lo inet loopback
auto vlan100

[code]....

why it can't reach the gateway, when I do a tcpdump I can see the DHCP requests come in on eth0 but the server never responds and I'm pretty sure its because it isn't "seeing" them since it thinks there isn't a network connection but I don't know how to trouble shoot to find out where the problem lies.

View 2 Replies View Related

Ubuntu Networking :: SSH Connection - Router Works To Except Connection Requests

Jul 28, 2010

I'm trying to do a SSH connection between my home and work PC both machines are running ubuntu 10.04. I have read all the comunity documentation at [URL] from Work PC. I went on to the web site what is my ip address and noted down the number, From Home i opened a terminal and typed: pnig (ip address). to which their was no reply, now i'm assuming i need to configure the works router to except connection requests, is this Correct?

Also what information do i need from my works network and how do i get it? I understand that I need the routers expernal ip address, but how do i referiance a specified computer after that address? What program do i use in ubunu and how is that information applied to it?

View 4 Replies View Related

General :: Squid Access / Permission Denied Error From Squid Occur?

Dec 29, 2010

I am using squid to controlling access to the internet all is working fine expect one of the user who is using outside organization portal to connect internet. But whenever he tries to enter in the portal by typing (EXAMPLE)url. Permission denied error from squid occur.

How can i allow this portal in squid. So squid will allow this to access.

View 1 Replies View Related

Server :: Tools - Squid Accounts - To Create - Change - Modify Users Of Squid And To View Their Logs

May 23, 2010

My squid server works fine in fedora 11 system . Is there any web like interface for admins to create,change,modify users of squid and to view their logs.

View 1 Replies View Related

CentOS 5 Server :: Squid Proxy Configuration SQUID 2.6.STABLE21

Jan 17, 2011

I would like to ask some help and tutorial for setting up and how to configure squid proxy server in my (Home PC Server). I am a newbie in Linux Centos. I already installed in my system the CentOS 5.5 . Now, I want to configure it as my internet server, all of my 4 system running in Windows including the laptop I want to connect through my CentOS pc with username authentication. I assign all IP address by static. see tthe attachement in my set up. [url] I just want to know what I need to change and add in my squid config file. And how can I configure properly my CentOS with 2 LAN card as internet server.

View 1 Replies View Related

Ubuntu Networking :: Using Squid To Appear In Another Country?

Feb 7, 2010

I have a VPS. I intend to use it as a squid server. I need to know how to configure Squid so it works as a simple proxy server. Don't need authenication etc.

View 1 Replies View Related

Networking :: Squid With Multiple IP Segment?

Jan 13, 2011

I've setup Squid - DHCP - Transparent Proxy with the following
eth0 = connected to internet
eth1 = connected to lan. (192.168.1.1)

[code]....

View 5 Replies View Related

Networking :: Block IM With Iptables Or Squid?

Dec 24, 2008

in my office i have to block all messenger like yahoo messenger, windows live messenger, i have to block websites like www.yahoo.com, some more web sites. i need guidance through which i can accomplish this task through ip tables or through squid server. i can use squid but i had heard that squid blocks pop and smtp also. squid creates some problem in receiving and sending email. i am using red hat linux 4 box and installed squid having two ethernet card 1 is connected to adsl line and 2 is connected to switch. all clients will have proxy address of this linux box. guys need ur help ASAP.

View 2 Replies View Related

Networking :: Add More Than One IP Range In Squid.conf?

Mar 3, 2011

I am going to configure squid in my linux box.I have different kinds of ranges in my office.The default is as under

Code:

acl our_networks src 192.168.1.0/24 192.168.2.0/24
http_access allow our_networks

can I add my own ranges as

Code:

acl our_networks src 10.1.60.0/24 10.1.70.0/24 10.0.80.0/24 10.1.90.0/24 10.1.100.0./24

http_access allow our_networks we have divided according to floors ,like 1st floor ip range is 10.1.60.0 2nd floor 10.1.70.0 ,third 10.1.80.0 and so on. All IP ping each others successfully.

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved