Operating Systems > Linux and UNIX
Networking Help!
Master of Reality:
should i make a new user, such as squid, and use that UID to run the proxy server?
-------------
I like using Webmin, but i might edit the squid.conf file manually to configure some more options.
when editing the file i do: # vi /etc/squid/squid.conf
how do i save/exit vim? I couldnt find out how in the man page for VIM.
-----------
what do i need to do on the client machines in order for them to use a proxy?
[ April 17, 2002: Message edited by: Master of Reality ]
[ April 17, 2002: Message edited by: Master of Reality ]
voidmain:
When you install the RPM it should automatically create a "squid" user and when squid starts it will run under this ID (as long as it is started using the bootup script in /etc/rc.d/init.d).
To use the proxy just go into any browser's proxy settings and put your squid machines address or name in and set the port to "3128" if that is the port you have squid configured to run under.
Oh, there are a couple of ways to save and quit in vim but I usually use "<ESC>:wq". You can also do "<ESC>ZZ". You only have to press <ESC> if you are in "insert" mode. If you are in "command" mode you just press ":wq" and <ENTER> *or* "ZZ".
[ April 17, 2002: Message edited by: VoidMain ]
Master of Reality:
on the server computer, dont i have to make/modify ipchains so that it redirects requests on the gateway to port 3128 on the proxy? or something like that?
something like :( this is an educated guess)
--- Code: ---
--- End code ---
...if i did it this way wouldn't this be a transparent proxy?
[ April 17, 2002: Message edited by: Master of Reality ]
Master of Reality:
ok... i could take off the default gateway and DNS from the clients, and tell them to use proxy port 3128 OR i could leave the default gateway and DNS set on the clients and use ipchains (like above) on the server to redirect it through the proxy?
I'm starting to understand some things (i hope).
voidmain:
You don't want to change the default gateway or DNS on the clients as you may want other protocols to be just MASQ'ed. If you are like me, port 80 (http) is the one I am mainly concerned with.
You are correct, of you redirect 80 to the squid port you do not need to set the "proxy" configuration on the client. If you get it to work with IP chains let me know how you did it. I tried to get it working with IP chains when I first set it up a couple of years back but didn't have much luck. It would be easier that way, especially for my laptop which I use at work and at home. When I plug into my home network I have to check the "proxy" box when I want to go to my favorite anti M$ site. Maybe I'll check into doing this again.
There are other ways to do the transparent proxy as well. I ran accross a utility on freshmeat that looked like it was just the ticket about a year ago. I was going to use that at work. I was planning on inserting a dual NIC Linux box in front of the main internet router running this redirector but I never did get around to it. It was just as easy automatically set the win clients proxy configurations via a policy but that's a whole other topic that would require talking about Windows, and I don't really want to do that.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version