Solved

IPTABLE FOR RH - LINUX 9.0

Posted on 2003-12-10
11
354 Views
Last Modified: 2010-03-18
Dear All Support,

I have RedHat Linux 9.0 installed on my Pentium 4 PC. I would like to have it running as a proxy server. Which package is best to utilize for this issue ( IPTABLES or SQUID PROXY? ). If so, How can I do the configuration.

Here is my current Network Infrastructure:

1. RedHat 9.0 Server:
=> Local DNS Server
=> Local Sendmail Server
=> Local Apache Web Server
=> DHCP
=> Samba

+=> ( IPTABLES or SQUID PROXY ) I would like to add this feature to my RH- Server, so that everyone on the network could access to the Internet.  At the moment my network is using a 56K dialup to connect to the internet and receive E-Mails, but very soon we will have a fractional T1 implementing to our LAN.

Could someone please help me to resolve this problem? I deeply appreciate your help.

PS. Right now I will post this question with a 100 expert points, it will be double up once the problem is resolved.

Thank you in advance,
0
Comment
Question by:linxcelent
  • 5
  • 4
11 Comments
 

Author Comment

by:linxcelent
ID: 9917351
My Goal:

Currently: RedHat Linux 9 --> Dialup --> Proxy Server--> 25 Clients
Wil upgrate to: RedHat Linux 9 --> Fractional T1 --> Proxy Server --> 25 Clients

I am focusing on ( 56K dialup at the moment )
0
 
LVL 4

Expert Comment

by:Jivko
ID: 9918724
SQUID is the best proxy solution for web caching , but if you need other services such as icq , instant messaging , irc , and full functional internet access you need NAT solution - iptables

Regards
0
 

Author Comment

by:linxcelent
ID: 9920028
Let's pick SQUID if it's an ideal web server! How may I approach the configuration process? Do I need to install any additional package beside RH Linux 9?

Please give me some configuration sample.

Thank you the respond.
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 4

Expert Comment

by:Jivko
ID: 9920411
SQUID is not a webserver it is proxy server for web caching.
For web server use Apache
0
 

Author Comment

by:linxcelent
ID: 9920601
I apologize about my wording! However I think you know what I mean by webserver:

Server --> Sharing --> internet connection with multiple clients.

I used iptables before but it doesn't help function properly. It takes a lot of time to recognize clients. If thinking about converting to SQUID Proxy. Could you help me with the configuration?

Thank you.
0
 
LVL 4

Expert Comment

by:Jivko
ID: 9920919
Just open th configuration file and go ahead.
There is a explanation for each directive and configuration options

And iptables is not so confusing

if you want to use private range of addresses just run this:

iptables -t nat -I POSTROUTING -s 192.168.0.0/16 -j MASQUERADE

and that is all


0
 

Author Comment

by:linxcelent
ID: 9928621
Here is the problem with my existing NAT iptables:

All the client are logon to the domain before the ( NAT ) server is dialup. When the server is dialup all clients need to restart to refresh their IP addresses. All client doesn't have permission to renew ( ipconfig /renew or release) IP address. It must be done with an administrator account.

Is there any way I can resolve this problem? If so, how do I approach it?

Please help, thank you.
0
 

Author Comment

by:linxcelent
ID: 9943160
Please delete this questiong and refund points - No respond was posted.
0
 
LVL 4

Accepted Solution

by:
Jivko earned 100 total points
ID: 9948137
So what was the question? How to install squid-proxy? Or how to setup NAT with iptables? Or wich is better?

>> " When the server is dialup all clients need to restart " 
What do you mean?

>> "If thinking about converting to SQUID Proxy. Could you help me with the configuration?"

The configuration is very simple.
There is default configuration file called squid.conf.default with explanation of every configuration option - working in most cases.
It is a good idea to read something about Squid:
http://www.squid-cache.org/Doc/FAQ/FAQ-3.html#ss3.2

...and about iptables

http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO.html
http://www.yolinux.com/TUTORIALS/LinuxTutorialIptablesNetworkGateway.html




0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question