Posted 10 August 2011 - 09:50 PM
Posted 11 August 2011 - 01:04 AM
Posted 11 August 2011 - 10:45 PM
As long as the box can route traffic to the outside nic (I give from granted one of the NICs has a public IP address) you are set. Configure stuff one step at the time, first networking then configure Squid.
The major challenge i have is to route internet from my outside NIC to the inside NIC.On the outside NIC i obtained ip address via dhcp which is a private address and also want to configure the inside NIC with a class C address.The box itself would act as a dhcp server on the inside NIC.i have configured Squid server and it's working fine.
Posted 13 August 2011 - 03:29 AM
If the above yields a 0 then you need to enable IP routing in the /etc/sysctl.conf file directive is net.ipv4.ip_forward = 1
After you make the above change you need to reboot or restart networking.
Posted 15 August 2011 - 06:57 PM
for the two NIcs (eth0 and eth1)
and again i think i had mess up with the iptables below is the output of the iptables.
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type echo-reply -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p icmp -m icmp --icmp-type echo-request -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3128 -j ACCEPT
-A INPUT -J ACCEPT -p all -s 172.16.0.0/12 -i eth1
-A OUTPUT -J ACCEPT -p all -s 172.16.0.0/12 -i eth1
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
pls correct me if there is any misconfiguration, dont forget that all what am trying to achieve is for my 2NIcs to communnicate send internet out from second interface to clients. Thanks i really appreciate ur concern and contribution.
Edited by sedow, 15 August 2011 - 06:58 PM.
Posted 17 August 2011 - 05:17 PM
And see if the problem lies there, if that is the case check your rules and correct them rinse and repeat. Other thing to do is to check that your routing table is correctly configured (easily verified with a traceroute to whatever IP address).
Posted 24 September 2011 - 05:16 AM
But I would also try turnning of SELinux if it is enabled,
Posted 24 September 2011 - 04:54 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users