Solved

IPTABLE FOR RH - LINUX 9.0

Posted on 2003-12-10
11
337 Views
Last Modified: 2010-03-18
Dear All Support,

I have RedHat Linux 9.0 installed on my Pentium 4 PC. I would like to have it running as a proxy server. Which package is best to utilize for this issue ( IPTABLES or SQUID PROXY? ). If so, How can I do the configuration.

Here is my current Network Infrastructure:

1. RedHat 9.0 Server:
=> Local DNS Server
=> Local Sendmail Server
=> Local Apache Web Server
=> DHCP
=> Samba

+=> ( IPTABLES or SQUID PROXY ) I would like to add this feature to my RH- Server, so that everyone on the network could access to the Internet.  At the moment my network is using a 56K dialup to connect to the internet and receive E-Mails, but very soon we will have a fractional T1 implementing to our LAN.

Could someone please help me to resolve this problem? I deeply appreciate your help.

PS. Right now I will post this question with a 100 expert points, it will be double up once the problem is resolved.

Thank you in advance,
0
Comment
Question by:linxcelent
  • 5
  • 4
11 Comments
 

Author Comment

by:linxcelent
Comment Utility
My Goal:

Currently: RedHat Linux 9 --> Dialup --> Proxy Server--> 25 Clients
Wil upgrate to: RedHat Linux 9 --> Fractional T1 --> Proxy Server --> 25 Clients

I am focusing on ( 56K dialup at the moment )
0
 
LVL 4

Expert Comment

by:Jivko
Comment Utility
SQUID is the best proxy solution for web caching , but if you need other services such as icq , instant messaging , irc , and full functional internet access you need NAT solution - iptables

Regards
0
 

Author Comment

by:linxcelent
Comment Utility
Let's pick SQUID if it's an ideal web server! How may I approach the configuration process? Do I need to install any additional package beside RH Linux 9?

Please give me some configuration sample.

Thank you the respond.
0
 
LVL 4

Expert Comment

by:Jivko
Comment Utility
SQUID is not a webserver it is proxy server for web caching.
For web server use Apache
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:linxcelent
Comment Utility
I apologize about my wording! However I think you know what I mean by webserver:

Server --> Sharing --> internet connection with multiple clients.

I used iptables before but it doesn't help function properly. It takes a lot of time to recognize clients. If thinking about converting to SQUID Proxy. Could you help me with the configuration?

Thank you.
0
 
LVL 4

Expert Comment

by:Jivko
Comment Utility
Just open th configuration file and go ahead.
There is a explanation for each directive and configuration options

And iptables is not so confusing

if you want to use private range of addresses just run this:

iptables -t nat -I POSTROUTING -s 192.168.0.0/16 -j MASQUERADE

and that is all


0
 

Author Comment

by:linxcelent
Comment Utility
Here is the problem with my existing NAT iptables:

All the client are logon to the domain before the ( NAT ) server is dialup. When the server is dialup all clients need to restart to refresh their IP addresses. All client doesn't have permission to renew ( ipconfig /renew or release) IP address. It must be done with an administrator account.

Is there any way I can resolve this problem? If so, how do I approach it?

Please help, thank you.
0
 

Author Comment

by:linxcelent
Comment Utility
Please delete this questiong and refund points - No respond was posted.
0
 
LVL 4

Accepted Solution

by:
Jivko earned 100 total points
Comment Utility
So what was the question? How to install squid-proxy? Or how to setup NAT with iptables? Or wich is better?

>> " When the server is dialup all clients need to restart "
What do you mean?

>> "If thinking about converting to SQUID Proxy. Could you help me with the configuration?"

The configuration is very simple.
There is default configuration file called squid.conf.default with explanation of every configuration option - working in most cases.
It is a good idea to read something about Squid:
http://www.squid-cache.org/Doc/FAQ/FAQ-3.html#ss3.2

...and about iptables

http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO.html
http://www.yolinux.com/TUTORIALS/LinuxTutorialIptablesNetworkGateway.html




0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

Suggested Solutions

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now