From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Martin Kellner" <mhkellner@gmx.de>
Date: Sun, 23 Sep 2001 19:04:14 +0000
Subject: [LARTC] iptables+iproute2+squid
MIME-Version: 1
Content-Type: multipart/mixed; boundary="----=_NextPart_000_0068_01C14473.4D0251D0"
Message-Id: <marc-lartc-100127164126178@msgid-missing>
List-Id: <lartc.vger.kernel.org>
To: lartc@vger.kernel.org

This is a multi-part message in MIME format.

------=_NextPart_000_0068_01C14473.4D0251D0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I think this is the right place to ask:

I'm using
- kernel 2.4.9
- iptables as firewall
- iproute2 with rule-based routing.
- squid

two internet-connection:

- 1 ADSL-based link with dynamic ip-adresses
- 1 static isdn-line with fixed ip-adresses

Everything is working but squid isn't. Any idea why? how is the
loopback-traffic handled with my two new tables? Squid uses to work as a
transparent-proxy with all the iptables-stuff. When I'm working with the
normal routing-tables and one internet-connection. Everything is ok.

I use two rules (first for user-browsing, second for mail-traffic):

ip rule add from 192.168.1.128/25 table www.out
ip rule add from 192.168.1.6 table mail.out

# default route is reset to p-t-p-adress of ppp, when ppp comes down =
again,
because of idle-state
ip route delete default

# this part is done dynamically when ppp comes up
ip route add default via x.x.x.x table www.out
ip route add 192.168.1.0 via y.y.y.y table www.out

# this part is setup with the firewall start
ip route add default via z.z.z.z table mail.out
ip route add 192.168.1.0 via y.y.y.y table mail.out

Thanks in advance

Martin Kellner


------=_NextPart_000_0068_01C14473.4D0251D0
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.3315.2870" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>I think this is the right place to =
ask:<BR><BR>I'm=20
using<BR>- kernel 2.4.9<BR>- iptables as firewall<BR>- iproute2 with =
rule-based=20
routing.<BR>- squid<BR><BR>two internet-connection:<BR><BR>- 1 =
ADSL-based link=20
with dynamic ip-adresses<BR>- 1 static isdn-line with fixed=20
ip-adresses<BR><BR>Everything is working but squid isn't. Any idea why? =
how is=20
the<BR>loopback-traffic handled with my two new tables? Squid uses to =
work as=20
a<BR>transparent-proxy with all the iptables-stuff. When I'm working =
with=20
the<BR>normal routing-tables and one internet-connection. Everything is=20
ok.<BR><BR>I use two rules (first for user-browsing, second for=20
mail-traffic):<BR><BR>ip rule add from 192.168.1.128/25 table <A=20
href=3D"http://www.out">www.out</A><BR>ip rule add from 192.168.1.6 =
table=20
mail.out<BR><BR># default route is reset to p-t-p-adress of ppp, when =
ppp comes=20
down again,<BR>because of idle-state<BR>ip route delete default<BR><BR># =
this=20
part is done dynamically when ppp comes up<BR>ip route add default via =
x.x.x.x=20
table <A href=3D"http://www.out">www.out</A><BR>ip route add 192.168.1.0 =
via=20
y.y.y.y table <A href=3D"http://www.out">www.out</A><BR><BR># this part =
is setup=20
with the firewall start<BR>ip route add default via z.z.z.z table =
mail.out<BR>ip=20
route add 192.168.1.0 via y.y.y.y table mail.out<BR><BR>Thanks in=20
advance<BR><BR>Martin Kellner<BR></FONT></DIV></BODY></HTML>

------=_NextPart_000_0068_01C14473.4D0251D0--


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/