logIt Log Around The Clock

Basic squid In A Gateway

In General Linux on 20 August 2009 with no comments flame_ico 7 views

tags:

This trial is done in a RedHat (RHEL 5.2) inside VirtualBox. The required squid package is using squid-3.0.STABLE13-1.el5.i386.rpm. Two interfaces is configured in this box as shown in the following NAT masquerading which build a simple router at 192.168.40.40 (eth1) :

1
2
3
4
5
6
7
8

WAN=wan0
LAN=eth1
IPTABLES=/sbin/iptables
 
$IPTABLES --flush                         # Flush all the rules in filter and nat tables
$IPTABLES --table nat --flush
$IPTABLES --delete-chain                  # Delete all chains that are not in default filter and nat table
$IPTABLES --table nat --delete-chain

the real script is just two command line below:

1
2

$IPTABLES --table nat --append POSTROUTING --out-interface $WAN -j MASQUERADE
$IPTABLES --append FORWARD --in-interface $LAN -j ACCEPT

Default route gateway is wan0 and /etc/resolv.conf is edited with relevant DNS. Internet works perfectly and then after squid is installed, I use the following /etc/squid.conf :

1
2
3
4
5
6

visible_hostname mithrandir
http_port 3128
cache_dir ufs /var/spool/squid 1000 16 256
cache_access_log /var/log/squid/access.log
acl intranet src 192.168.40.0/24
http_access allow intranet

It is pretty straightforward and simple, a listening proxy 192.168.40.40 in port 3128. It is also a router to the internet, NAT, via wan0.


Leave a Reply


About

+Arif Kusbandono

Recently

    Et Cetera


    Back to Home

    © logIt. Powered by WordPress using the DePo Skinny Tweaked Theme.