*nix Thread, Squid transparent proxying in Technical; i'll go with the server and ebox for now. it was me who suggested this whole solution so i guess ...
19th May 2008, 02:29 PM #16
i'll go with the server and ebox for now. it was me who suggested this whole solution so i guess its only fair i do the admin for it for now.
but thanks for ebox/webmin idea, i guess i could always do an smb share to the whitelist folder and let people update it themselves
IDG Tech News
19th May 2008, 02:36 PM #17
Oops Hands up who lost forgot to pay attention to the OPs finer details and just repeated what they used on their CentOS box!
Originally Posted by Geoff
21st May 2008, 11:21 AM #18
Ok a bit of a break in replying.
After a lot of thinking, playing around with stuff and talking to the local top geeks in the area. I have decided to go with ISA server on Server 2008.
Total licence cost is around the £90 mark (love education licences, got to confirm this btw) and it just works. Not even that difficult to set up.
Its certainly easier to get working than squid was and so far has not caused any issues.
21st May 2008, 11:47 AM #19
Originally Posted by MK-2
Editing dansguardian whitelists is not terribly difficult though. Your colleagues need to know which are the appropriate files, how to navigate to them and how to edit them correctly. I use mc sometimes and nano sometimes via ssh. mc is great for this kind of thing, because it's visual. I'm sure your colleagues will get the hang of it quickly. How will they restart the dansguardian service to reload the new lists? I don't know what gui service controls there are for Ubuntu, but typing /etc/init.d/dansguardian restart on the cli is pretty quick imo.
Anyway, hope you have great success with your project.
21st May 2008, 12:35 PM #20
Try this instead if your just updating the white/black/grey lists.
This way, current connections don't get dropped on the floor.
21st May 2008, 12:46 PM #21
I see my plan to avoid reading the manual worked. Seriously though, thanks, I'll give that a whirl next time I have to.
Originally Posted by Geoff
21st May 2008, 03:39 PM #22
ok i got the server up and running today, ebox/dansg/squid installed
eth0 connected to bt router, with ip of 192.168.1.2
eth1 connected to switch with ip of 192.168.1.3
firstly, with both IPs set, i cant browse the internet and internal hosts, im guessing it uses one ip for both and that wont work. is there any way i can specify eth0 is only to be used for web requests and eth1 is to be used for internet requests?
secondly if i forward all traffic from eth1 on port 80 to eth0 on 3128 so it goes via squid, how do i implement dansg? cos it needs an ip/port to listen on, and if i set it to eth1:80 to listen on, wouldn't that then mean that nothing gets redirected, or will it filter then redirect?
haven't done any conf file edits yet, so if anybody would be willing to help me out id be very grateful. basically we just want any pda on the 192.168.1.x ip range (set via dhcp on ubuntu) to have access to the internet with dansg and squid in between in transparent mode.
sorry if im going over things more than once, im simple :P
21st May 2008, 08:19 PM #23
Originally Posted by MK-2
I hope I've attached a diagram to this post. Does this match your setup?
If it doesn't, are you able to create a diagram that does?
I can't speak for others, obviously, but it helps me to see things.
22nd May 2008, 09:14 AM #24
Internet > BT Router > eth0 (192.168.1.2) > Ubuntu server > eth1 (192.168.1.3) > switch > wireless AP > PDAs
so all internal traffic (PDAs, wireless APs) would be hitting eth1, and all internet traffic would hit eth0.
But when both are plugged in, and I try to get on either an AP or the net, it hangs, unplug eth0 and i can see the router, unplug eth1 and i can see the internet. Obviously I'll need both to work together.
If anybody is available to hit me up on MSN and give me a hand to go through things I'd love it (Keegan style!). Mainly just with getting both cards working in unison, and getting squid/dansg working together with squid being transparent.
22nd May 2008, 10:24 AM #25
- Rep Power
I am very novice at this myself, but I was under the impression that both cards couldn't be on the same subnet. Perhaps someone can confirm (or otherwise)
22nd May 2008, 10:26 AM #26
andy, this is why i need help :P
22nd May 2008, 10:33 AM #27
do you need to do a
echo 1 > /proc/sys/net/ipv4/ip_forward
22nd May 2008, 10:36 AM #28
xxxxxxxxx <- theres your comment
xxxxxx<- theres my head
22nd May 2008, 10:41 AM #29
22nd May 2008, 10:43 AM #30
not that it'd matter anyway with EMBC
This page has been blocked because it has been categorised as Match Making
The web page you were trying to visit has been blocked by the Internet filtering system.
You wouldn't believe how many women melt when I tell them about configuring IP forwarding in a Linux environment
By jonathan.lees in forum *nix
Last Post: 2nd December 2007, 02:20 AM
Last Post: 10th October 2007, 03:12 PM
By Joedetic in forum Wireless Networks
Last Post: 6th August 2007, 12:56 PM
By Jackd in forum Network and Classroom Management
Last Post: 25th July 2007, 07:54 PM
By maniac in forum Web Development
Last Post: 5th April 2007, 12:04 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)