From: Stanislav Nedelchev <stanislav.nedelchev@gmail.com>
To: lartc@vger.kernel.org
Subject: [LARTC] Two internet lines and squid problem.
Date: Thu, 18 Aug 2005 12:45:27 +0000 [thread overview]
Message-ID: <485817760508180545204aff01@mail.gmail.com> (raw)
I have 2 internet connections and i;m trying to use squid as transparent proxy
but every time squid is using first internet line but i want to use
second internet line .
i have this settings and without squid it's working
i have default route on the first internet connection.
iptables -t nat -I POSTROUTING -o eth2 -p tcp --dport 80 -s
192.168.0.0/24 -d ! 192.168.0.0/16 -j SNAT --to 217.10.248.135
/sbin/ip route add default via 217.10.248.135 dev eth2 table natips
/sbin/ip rule add fwmark 66 table natips
iptables -t mangle -I PREROUTING -i eth1 -p tcp --dport 80 -j MARK
--set-mark 66
iptables -t mangle -A FORWARD -i eth1 -p tcp --dport 80 -j MARK --set-mark 66
I try to solve the problem moving squid to onother computer and i add
additional rules like
/sbin/ip route add default via 217.10.248.135 dev eth2 table natips
/sbin/ip route add default via 192.168.0.11 dev eth1 table squid
/sbin/ip route flush cache
/sbin/ip rule add fwmark 67 table squid
/sbin/ip rule add fwmark 66 table natips
iptables -t mangle -I PREROUTING -i eth1 -p tcp -s 192.168.0.11
--dport 80 -j MARK --set-mark 66
iptables -t mangle -I PREROUTING -i eth1 -p tcp -d ! 192.168.0.11
--dport 80 -j MARK --set-mark 67
iptables -t mangle -A FOWARD -i eth1 -s 192.168.0.11 -p tcp --dport
80 -j MARK --set-mark 66
iptables -t mangle -A FORWARD -i eth1 -p tcp -s ! 192.168.0.11
--dport 80 -j MARK --set-mark 67
iptables -t nat -I POSTROUTING -o eth2 -p tcp --dport 80 -s
192.168.0.0/24 -d ! 192.168.0.0/16 -j SNAT --to 217.10.248.135
in this case web traffic is working but pages that uses SSL like gmail.com
is not working
can anybody help me to use squid like transparent proxy with 2
internet connection and to use second one.
Thank in advance.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
next reply other threads:[~2005-08-18 12:45 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-08-18 12:45 Stanislav Nedelchev [this message]
2005-08-19 3:09 ` [LARTC] Two internet lines and squid problem gypsy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=485817760508180545204aff01@mail.gmail.com \
--to=stanislav.nedelchev@gmail.com \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.