From: Andrew Beverley <andy@andybev.com>
To: Mike Hendrie <mike@hendrienet.com>
Cc: Vigneswaran R <vignesh@atc.tcs.com>, netfilter@vger.kernel.org
Subject: Re: Proxy Filter iptable Settings
Date: Wed, 27 Apr 2011 18:24:02 +0100 [thread overview]
Message-ID: <1303925042.18916.20.camel@andybev-desktop> (raw)
In-Reply-To: <BANLkTi=y37mzCOenHg8EbR_u9PpoTVceGA@mail.gmail.com>
On Wed, 2011-04-27 at 08:41 -0500, Mike Hendrie wrote:
> Alright. Please let me explain.
>
> I am implementing squid in the school.
>
> Squid box 172.20.0.3
> All workstations gateway are 172.20.0.3
> All workstations proxy settings are 172.30.0.3:8080
>
Ah, that makes more sense.
> The proxy settings are working fine for blocking content, however, I
> am having the following issues:
>
> The school's web server is hosted locally.
Locally where? On the same server as Squid (172.20.0.3)?
> When the workstations try
> to access the site via the public domain name, it fails.
Okay... well there could be a lot of reasons:
Your workstations will be requesting the URL from the Squid server which
will be resolving the public IP address of the website. The Squid server
will therefore need to access the public IP address, which comes back to
the question above as to where on the network the website is hosted.
You might need to set the DNS on the proxy server to resolve the website
to the local IP address.
Depending where you host your public DNS, you may also have to make
adjustments to that.
The web server itself will need to be listening on the right port to
serve the request - it may only be serving requests on the public facing
interface.
In short, more information is needed about your exact set up to answer
the question.
> Also, there are several applications the school uses. These
> applications range from port 5000-5005.
>
Where are the applications hosted? On the internal network, on the
public internet, on the proxy server?
Andy
next prev parent reply other threads:[~2011-04-27 17:24 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-04-27 3:07 Proxy Filter iptable Settings Mike Hendrie
2011-04-27 6:16 ` Andrew Beverley
2011-04-27 11:26 ` Mike Hendrie
2011-04-27 12:17 ` Vigneswaran R
2011-04-27 12:45 ` Mike Hendrie
2011-04-27 13:18 ` Vigneswaran R
2011-04-27 13:41 ` Mike Hendrie
2011-04-27 17:24 ` Andrew Beverley [this message]
2011-04-28 6:36 ` Vigneswaran R
2011-04-28 21:43 ` Mike Hendrie
2011-04-29 9:16 ` Vigneswaran R
2011-04-30 8:02 ` Andrew Beverley
2011-04-30 16:50 ` /dev/rob0
2011-04-30 17:47 ` Mike Hendrie
2011-04-30 18:02 ` Andrew Beverley
2011-04-30 18:23 ` Mike Hendrie
2011-04-30 19:08 ` Andrew Beverley
2011-04-30 19:24 ` /dev/rob0
2011-05-03 17:23 ` Mike Hendrie
2011-04-30 18:04 ` Jan Engelhardt
2011-04-30 18:28 ` /dev/rob0
2011-04-27 16:46 ` Mike Hendrie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1303925042.18916.20.camel@andybev-desktop \
--to=andy@andybev.com \
--cc=mike@hendrienet.com \
--cc=netfilter@vger.kernel.org \
--cc=vignesh@atc.tcs.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).