Can Squid and Iptables coexist on the same machine and benefit me?
Posted on 2004-11-18
I have a firewall I created from Linux Fedora 2. It has 4 Network Cards.
ETH0 is my PRIVATE LAN
ETH1 is my Internet Connection Between Router and Firewall
ETH2 is my Mail/Webserver
ETH3 is my Public Wireless Segment
In addition to keeping mischievous people on the wireless and Mail/web server segments from getting to the PRIVATE LAN, well I should say SLOW THAT PERSON DOWN, I would really like to be able to filter which computers on the private LAN have access to the internet and even be able to log activity down to the URL.
So I installed SQUID alongside my IPTABLES firewall (same box) and got SQUID functioning. Right now I'm at the point that if I shut down iptables, SQUID does its job. It is caching sites when I point my computer to them and producing very nice little reports with SARG. When I bring up IPTABLES, SQUID is broken.
I think I can get past this issue by adding a few more ACCEPTS with IPTABLES, but I don't know if I want to. Am I getting too complicated by running SQUID and IPTABLES together? Can IPTABLES log activity similarly to SQUID?
I'll leave it at that for now. Any advice?