Solved

ipchains and squid

Posted on 2000-03-15
4
373 Views
Last Modified: 2013-12-06
i just got a cable modem connection to the internet. and i want to set up my linux box with ipchains and squid proxy. i have one nic card configured for DHCP and the other nic has a static address of 192.168.1.254. the DHCP NIC is connected to the internet and the Static NIC is connected to my internal LAN. is there anyone out there that can guide me step by step on excactly how to do it? how to much hard drive space do i need for the cache? any other valuable Info would be appreciated.

i am running:
Red Hat 6.1
Kernel 2.2.12-20
gnome desktop if it matters?
celeron 466 processor.
192 MB RAM
6 GIG Hard drive
0
Comment
Question by:Phiber0pTik
4 Comments
 
LVL 3

Expert Comment

by:iharding
ID: 2622243
Squid is very easy if you want to just use the RPM to install it from RedHat site.  I am running SQUID for 40 users with 2 gig of HD, not probs.  Make sure you can ping both networks from the proxy and everything should be fine.  Your clients will just set up thier browsers to point to proxy.xxx.yyy.com port 3128 or if you change the squid.conf another port.  If you install the RPM from RH Power Tools, it integrates into Linuxconf, and everything is menu driven.

Why do you want IPCHAINS?  That would determine how to set it up.

0
 

Expert Comment

by:owld
ID: 2623311
If you want security connection to inet,
you must setup firewall filters by ipchains. If not , forgot about ipchains.
0
 
LVL 12

Accepted Solution

by:
j2 earned 100 total points
ID: 2623611
Squid _only_ gives you sharing of http:// ftp:// https:// and gopher. Nothing else.

If what you want is "generic" internet sharing, IPchains is your friend. I think the easist aproach for a rookie is to grab pmfirewall from www.pointman.org  (also: if you do not have ipchains installed, it is available on your CD.

1. DOwnload it
2. unpack it (tar zxvf filename)
3. cd to the new directory
4. follow the install guide (just run the install script)
5. ANswer the questions, just remember to answer YES to the question about "Should this machine masquerade for other systems"
6. Launch pmfirewall ( /etc/rc.d/init.d/pmfirewall start )
7. Tell you clients to use your linux IP as "default GW" and set the DNS of your clients to use the DNS of your ISP. pmfirewall also gives you decent firewalling. If you do not want that, yo ucould just do

echo 1 > /proc/sys/net/ipv4/ip_forward
ipchains -A forward -s 192.168.1.0/24 -b -j MASQ

and you are done. (after you set the clients up the same way as if you had pmfirewall).


Now, if you _also_ want to use squid to accelerate webacess (pointless unless you either pay your ISP per megabyte, or have atleast 10 or so systems in your LAN)

just install the RPM, and use linuxconf to configure squid. (As default it uses space in /var/spool to hold the cache) How much space you wich to use is up to you, but remember that a webcahce doesnt help you unless one or more systems access the _exact_ same webpage frequently (remember that id a page is built dynamically it isnt the same, and will have to be reloaded anyway).

I used to run a 500Mbyte squid when i was on a dialup, but now that i am on cable Squid is more in the way then helpfull actually (then of cource i only have 5 systems in my lan, if you have more it might help).
0
 

Author Comment

by:Phiber0pTik
ID: 2629675
Thanks for the help j2!
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

This document is written for Red Hat Enterprise Linux AS release 4 and ORACLE 10g.  Earlier releases can be installed using this document as well however there are some additional steps for packages to be installed see Metalink. Disclaimer: I hav…
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now