Well you are getting confused..
Well, tell me what your distribution is. If it is any of the latest, then no problem.

Now first give these topics a look..

In both see my posts for configuring transparent proxy with the squid.conf in other thread..   Now.. try that.. then tell me..

Also, if you have installed squid from an rpm, uninstall it and install it from source code, using the following argument to enable transparency:

--- Code: ---./configure --enable-linux-netfilter
--- End code ---

But as far as I know, rpm packages are now compiled with that option already enabled...

Dear Ricky,

Thanks to your previous posts and the Squid Proxy config manual, I've managed to set up transparent caching using the following:

Port redirection

iptables -t nat -A PREROUTING -p TCP --dport 80 -j REDIRECT --to-port 8080

The above rule redirects port 80 requests, irrespective of source IP address, to port 3128 (or whichever port squid is running on in transparent mode). 8080 is the port I specified.


iptables -t nat -A POSTROUTING -p TCP -s 0/0 --dport 21 -j MASQUERADE

iptables -t nat -A POSTROUTING -p TCP -d 0/0 --dport 20 -j MASQUERADE

iptables -t nat -A POSTROUTING -p TCP --dport 25 -j MASQUERADE

iptables -t nat -A POSTROUTING -p TCP --dport 110 -j MASQUERADE

iptables -t nat -A POSTROUTING -p TCP --dport 22 -j MASQUERADE

iptables -t nat -A POSTROUTING -p TCP --dport 23 -j MASQUERADE

 and in the Squid.cache

To Run Squid in a transparent mode, enable the following directives in Squid.conf.

httpd_accel_host virtual

httpd_accel_port 80

httpd_accel_with_proxy on

httpd_accel_uses_host_header on

Now after having put in these configurations  

I set the IP gateway on the clients to that of the Squid server.

The Outlook clients on the Win2k clients can now pass traffic through the squid server and have their mail requests reach the remote mail server. This only pertains to the laptop users, who maintain all their mail on their laptops whether they connect using the Squid server or from anywhere outside using dialup.

Now for the rest of the LAN users, we download mail onto our own POP3 (VPOP3) and SMTP (Windows SMTP Server) Windows 2k polling server and relay the mail to their respective Win2k clients. Now when I configure the IP gateway of this POP3 and SMTP server to use Squid, it does not seem to connect, neither does it poll. I'll draw a diagram and mail it to you... so you'll be a bit more clear about this...

Kind Regards


Hmm... waiting for the mail.. and I think I should now write a tutorial for setting up squid as well as transparent proxy... but send it only to the mail address I am giving to you in PM..

Thanks Ricky, so lemme see what I can do with this IPTABLES stuff..., and wouldn't masquerading help? That would help protect my inner network.. right? I mean that's not a priority and I can do without that for now..
So the part I'd done before I guess was correct and all I had to do was define the gateway... without filling in the proxy port in the browser... but then I wonder why the VPOP3 server was not forwarding anything... I set the NAT to forward SMTP and POP3 traffic.. right.. or is it because HTTP is still with Squid :| ? I mean um sorry I might be making things more complicated, but I'll do what you told me to and get back to you.. OK, thanks again...


Dear Ricky,

Something's not working again. I've done the following you'd asked me to do:

In /etc/rc.d/rc.nat, and an entry for the same in /etc/rc.d/rc.local:

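--- Code: ---#!/bin/sh

# Clear any existing rules in the nat table
iptables --flush -t nat

# Masquerade everything that leaves through eth1
iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE

# Accept packets that arrive on eth0 and are to be forwarded
iptables --append FORWARD --in-interface eth0 -j ACCEPT
# Turn on IPv4 forwarding in the kernel
echo 1 > /proc/sys/net/ipv4/ip_forward
--- End code ---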

And despite configuring this, Ricky, I still can't browse from the client ends despite disabling the clients from using proxy ports. I haven't used the redirect of HTTP to 8080 (or 3128). I've removed the following transparent proxy lines from squid too so it would not cause any impediments.

--- Code: ---httpd_accel_host virtual

httpd_accel_port 80

httpd_accel_with_proxy on

httpd_accel_uses_host_header on
--- End code ---

And I don't want SQUID working, so I'll try stopping the service next time.
And I am not using redirecting of port 80 HTTP to Squid either.

--- Code: ---#Not Used
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
--- End code ---

Secondly, once this gets working, which I'm sure it will thanks to your guidance now and that which you would be giving, just a question I had in mind... Is it like we're masquerading packet IPs with Source NAT and forwarding internal bound traffic, and we're using drop to not forward those PORTS specified.. right?
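
An added example, not part of any post in this thread: a shell function (the name `audit_gateway` is hypothetical) that reads `iptables-save` style output and flags four conditions that can stop a Squid/NAT gateway like the ones posted above from passing traffic. The sample dump is constructed, and eth0 as the LAN side with eth1 as the outside interface is assumed from the rc.nat script.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not taken from the poster's machine).
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A POSTROUTING -p tcp -m tcp --dport 25 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth0 -j ACCEPT
COMMIT'

# audit_gateway RULES SQUID_PORT IP_FORWARD
# RULES      = text of `iptables-save`
# SQUID_PORT = the http_port set in squid.conf
# IP_FORWARD = contents of /proc/sys/net/ipv4/ip_forward
# Prints one finding per line; prints nothing when all four checks pass.
audit_gateway() {
    rules=$1; squid_port=$2; ip_forward=$3
    # 1. Without forwarding, mail and other non-proxied traffic never crosses the box.
    [ "$ip_forward" = "1" ] || echo "ip_forward is $ip_forward: packets are not forwarded between interfaces"
    # 2. REDIRECT must point at the port Squid really listens on.
    printf '%s\n' "$rules" | awk -v p="$squid_port" '
        /-j REDIRECT/ { for (i = 1; i < NF; i++) if ($i == "--to-ports" && $(i+1) != p)
            print "REDIRECT sends port 80 to " $(i+1) " but Squid listens on " p }'
    # 3. MASQUERADE with no -o applies to packets leaving any interface.
    printf '%s\n' "$rules" | awk '
        /-j MASQUERADE/ && !/ -o / { print "MASQUERADE not bound to an outbound interface: " $0 }'
    # 4. With FORWARD policy DROP, replies need an ESTABLISHED,RELATED accept rule.
    printf '%s\n' "$rules" | awk '
        /^:FORWARD DROP/ { drop = 1 }
        /-A FORWARD/ && /(ESTABLISHED|RELATED)/ { ret = 1 }
        END { if (drop && !ret) print "FORWARD policy is DROP and no ESTABLISHED,RELATED rule admits reply packets" }'
    return 0
}

audit_gateway "$SAMPLE_RULES" 3128 0
```

On a live gateway the arguments would come from `iptables-save`, squid.conf and `/proc/sys/net/ipv4/ip_forward`.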


