Linux Forums - Linux Help,Advice & support community:LinuxSolved.com
Network Troublshooting => Linux Proxy Server Support => Topic started by: sothy on October 11, 2005, 03:49:38 AM
-
Dear every body
i have problem with transparent proxy that befor time every with transparent proxy it working fine but when i reinstall machin it have problem with command :
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
but when i go to see on iptable -v -n --list it dosen't have command that i typed befor ..........so could you tell me how shout i do with thos command .
Happy when you reply back
Best Regard
sothy.sorn
-
Sir check your /etc/sysctl.conf and check if your ipforwarding is = 1.
Thanks
-
Dear sir
i have doned it already , that i chang on :
linux:/proc/sys/net/ipv4 # less ip_forward
1
it show 1 but still the same when i type command for use transparent it dose't record or i dont see any thing when i typ command for check it :
linu
Ex :
linux:/ # iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
linux:/ # iptables -v -n --list
Chain INPUT (policy ACCEPT 148 packets, 60842 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 178 packets, 60031 bytes)
pkts bytes target prot opt in out source destination
so it make my transparent proxy can't work ..................
Thank You for your time
-
ok..First of all send me the ouput of
#iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
does it shows any error message or it is executed fine?
if it doesn't show any message , then check ur logs in squid..Tell wheather clients are using squid proxy....
If it uses then its ok , if not then just convert PREROUTING to POSTROUTING
in above command ..
After that i hope it will work
Cheers
Gaurav
-
Dear sir
i dont know clearly what you mean but i have some thing to tell you again about my problem that ::
know why all my machin i mean three
machin that use suse the same that why when i use script for use
transparent proxy :
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
And when i want to show it :
linux:/ # iptables -v -n --list
Chain INPUT (policy ACCEPT 126K packets, 70M bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 17 packets, 1124 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 111K packets, 73M bytes)
pkts bytes target prot opt in out source destination
And about
linux:/proc/sys/net/ipv4 # less ip_forward
1
so i try to find the reason be my self but i you hade ever meet this problem
could you tell me how can i do with this ?
Thank You for your reply back
-
I can't get you
It seems that , u want to configure TRANSPARENT PROXY IN SUSE, for that u have to make changes only in SuSEfirewall2 file..,
Gaurav
-
Yes i realy want to install transparent proxy on suse and about my Susefirewall i all so disaball already :
linux:~ # /etc/init.d/SuSEfirewall2_final stop
linux:~ # /etc/init.d/SuSEfirewall2_init stop
linux:~ # /etc/init.d/SuSEfirewall2_setup stop
Shutting down the Firewall (and disabling routing) done
so how can i do with this ? ....................
-
Its not so difficult....
just follow this link
http://www-uxsup.csx.cam.ac.uk/pub/doc/suse/suse9.3/suselinux-adminguide_en/sec.squid.proxyconfigtrans.html
I have already setup the Transparent PROXY in my company..Its sucessfully running
Gaurav
-
Sorry Sir i dont know you understand what my problem ornot . but how ever i just want to tell you that befor time i all have ever done Transprent Proxy work already but just a vew day i have problem with electric that make my server linux it reboot and when i start squid agian it working fine but when i want to use transprent proxy i can't that befor time when i use script for run transprent proxy it working fine and we can see the record command when we type ( # iptanbles -v -n --list ) we will see the scripts that we type but now when i typ scripts the same scripts befor i did't see any thing that when i type the command ( # iptables -v -n --list ) . i hope my explain every thing make you understand it .......Thank you foryou time that help me ....................
sothy
-
#
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
# service iptables save
check in /etc/sysconfig/iptables
u can see already the mentioned tables is saved
-
[root@station22 root]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@station22 root]#
you can check here iptables -L command is showing only out put of input and forward and output chains only.............but we are doing prerouting.......
iam not that much sure ....you can ask some other
-
Dear sir it the result that you tell me but i dont see iptables in /etc/sysconfigure :
linux:/ # /etc/sysconfig/
daemons hardware isdn network powersave scripts
linux:/ # cd /etc/sysconfig/
linux:/etc/sysconfig # ls
. backup cron hardware kernel mouse powersave sendmail windowmanager
.. boot cups hotplug keyboard network proxy sound xntp
SuSEfirewall2 bootloader daemons ide language news saslauthd ssh ypbind
apache bootsplash displaymanager isdn ldap nfs sax suseconfig
apache2 bzflagserver dump ispell lirc onlineupdate scripts susehelp
autofs clock esound java mail personal-firewall scsidev sysctl
autoinstall console fonts-config joystick mdadm postfix security syslog
linux:/etc/sysconfig #can't fine iptables
so what the matter with my machin ?
-
Dear sir
i have alredy done it about what to see my script by useing command :
iptables -L or iptables -v -n --list but the results still the same so i dont know why every scripts that i type befor it doesn't see any thing it just ;
linux:/ # iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
linux:/ #
it still the same why it can't save or record my scripts ..................
-
Hello sothy
not /etc/sysconfig............... please check in /etc/sysconfig/iptables............here you can view the saved tables
-
vi /etc/sysconfig/iptables..........in redhat enterprise linux or fedora or redhat linux having the same file vi /etc/sysconfig/iptables...
after verification please let me know
kishore
-
iam sending the out put of vi /etc/sysconfig/iptables.. here you can watch about natting and filtering... the iptables -v -n --list command is showing only filtering poins not natting.
go through this////
# Generated by iptables-save v1.2.9 on Fri Oct 14 14:38:56 2005
*nat
:PREROUTING ACCEPT [1:78]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
COMMIT
# Completed on Fri Oct 14 14:38:56 2005
# Generated by iptables-save v1.2.9 on Fri Oct 14 14:38:56 2005
*filter
:INPUT ACCEPT [1:78]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Fri Oct 14 14:38:56 2005
tnx kishore
-
Dear sir
sorry i use linux suse 9.1 and i can't log in /etc/syscomfigu but in this file it does't have iptables . but when i fine it i saw iptables in ;
linux:/ # whereis iptables
iptables: /usr/sbin/iptables /usr/lib/iptables /usr/share/man/man8/iptables.8.gz
so did you know some thing about this or not ?
-
hey sir you know i can't fine file iptables on etc/sysconfig
linux:/ # vi /etc/sysconfig/
SuSEfirewall2, clock , hotplug , lirc , powersave ,suseconfig ,
apache console ide mail proxy susehelp
apache2 cron isdn mdadm saslauthd sysctl
autofs cups ispell mouse sax syslog
autoinstall daemons java network scripts windowmanager
backup displaymanager joystick news scsidev xntp
boot dump kernel nfs security ypbind
bootloader esound keyboard onlineupdate sendmail
bootsplash fonts-config language personal-firewall sound
bzflagserver hardware ldap postfix ssh
linux:/ # vi /etc/sysconfig/
-
do one thing type this command and send the out put then i can justify............
find / -name iptables
-
it the result that you want sir ;
linux:/ # find / -name iptables
/usr/lib/iptables
/usr/sbin/iptables
/usr/share/doc/packages/iptables
find: . changed during execution of find
linux:/ #
-
i think the below one is for saved iptables directory
/etc/sysconfig/SuSEfirewall2
you can go through this site for clear information...
http://www-uxsup.csx.cam.ac.uk/pub/doc/suse/suse9.2/suselinux-adminguide_en/ch27.html#sec:fire
-
Dear Sir
Thank you for your time so now i have the way for resoul my problem but im not sure that i can't do or not but i will try and if i have some wonder i will contact to you again .........Thank you for your help ......................
Best Regard
Sothy
-
you can see the out put in fedora core 2
[root@station22 root]# find / -name iptables
/sbin/iptables
/lib/modules/2.6.5-1.358/build/include/config/ip6/nf/iptables
/lib/modules/2.6.5-1.358/build/include/config/ip/nf/iptables
/lib/iptables
/etc/sysconfig/iptables
/etc/rc.d/init.d/iptables
[root@station22 root]#
here you can observe /etc/sysconfig/iptables.....is the configuration file for iptables
ii think in your linux box iptables..rpm not configured well...i think so...try to download from site... why iam saying is if you are trying with find ...you will get the out put of the configuration file...
be patience you will get the solution shortly..... if not now may be tommorow
tnx
-
Dear Sir
i think every thing still the same i can't use transparent proxy by use the scripts iptables..................... . ............ did you have agood idea for tellme >>? and did have some one can help me or not ? my work now stuck with transparent proxy .
-
Dear every body
i have problem with transparent proxy that befor time every with transparent proxy it working fine but when i reinstall machin it have problem with command :
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
but when i go to see on iptable -v -n --list it dosen't have command that i typed befor ..........so could you tell me how shout i do with thos command .
Happy when you reply back
Best Regard
sothy.sorn
Hmm.. I have not gone through every post in this topic but I would like to know that what is your OS ?
-
Dear Ricky
Now day i use Suse 9.1 and i have meet a difficult for along time so could you help me about this..... and Linux it the new os in cambodia so it hard to fine some one that know about Linux .
......Thank you for your reply back and Hope you will soul my problem..........
-
I too have not done it on SuSe but I think someone .. may be Gauravbajaj has tried it on SuSe.. Actually in suse you can't directly apply iptables, its overwritten by suse's firewall system. Try it configuring from there.
-
Dear Ricky
Thank you for your reply back but about my problem i have some informaiton from Mr.Gauravbajaj but information that he tall me it doesn't work so i want to ask him and you again . How ever i have some point about this problem some wrong with firewall config so i want to ask you how to disable firewall .........................
Best Regard
sothy
-
if you want to disable the firewall in suse the simple way is via Yast.
Yast/Security And user/firewall after click on firewall there is two options .
the first use for setting firewall and the second option is disabllig firewall.
and then reboot your system.
when at first i wanted to configure squid like ricky tutorial the firewall dose not permit to nat for redirect and when i disabled firewall in this manner squid start to work well.
-
any where i will config to disbal firewall and the result it show i will tell you again .....
Thank You
Sothy