Linux Forums - Linux Help,Advice & support community:LinuxSolved.com
Linux in General => Os Talk => Topic started by: linuxgirl on November 13, 2004, 09:52:03 AM
-
Can anybody help me?
After I configured the Squid proxy server and NAT, my client system could not access my Linux box.
I got this error message on my client system after setting the IP to that of the Linux box and the browser hostname and port to 192.168.1.0 and 3128 respectively.
C:\>ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.0
C:\>ping 192.168.1.0
Pinging 192.168.1.0 with 32 bytes of data:
Destination specified is invalid.
Destination specified is invalid.
Destination specified is invalid.
Destination specified is invalid.
C:\>nslookup
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 190.170.20.254: Timed out
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 192.115.72.170: Timed out
*** Default servers are not available
Default Server: UnKnown
Address: 190.170.20.254
Please help me troubleshoot this network problem
-
Default Gateway . . . . . . . . . : 192.168.1.0
Well, that is the mistake. 192.168.1.0 is the address of the network, not of any machine.
Please check what address your Linux box has; it should be something like 192.168.1.1. Then set that as the gateway.
-
Hello Ricky,
Thank you for your advice. I changed my gateway to 192.168.1.1 and the client systems were able to ping the Linux box.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\
C:\>ipconfig
Windows IP Configuration
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 192.168.1.5
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
C:\>ping 192.168.1.1
Pinging 192.168.1.1 with 32 bytes of data:
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
Ping statistics for 192.168.1.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>nslookup
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 190.170.20.254: Timed out
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 192.115.72.170: Timed out
*** Default servers are not available
Default Server: UnKnown
Address: 190.170.20.254
>
But the clients were unable to browse. Please advise me on what to do next.
Thanks.
-
Well, give the structure of your network and also what you have done on which machine, so that I can tell you the exact solution!
-
Thank you very much, I appreciate your concern.
I have a network of 15 systems, each running Windows XP. I planned to use one of my systems for cache since my ISP does not have enough bandwidth. I have a system running Windows XP that is directly connected to the internet, and from there to my Linux box (Red Hat 9.0) and to the other clients.
WindowsXP ------------- Linux Box -------------- Client systems
-----ICS--------------------Squid/NAT
I have this configuration in my linux box
[root@girl root]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0A:E6:9B:85:FE
inet addr:192.168.0.20 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:833 errors:0 dropped:0 overruns:0 frame:0
TX packets:799 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:361420 (352.9 Kb) TX bytes:116198 (113.4 Kb)
Interrupt:11 Base address:0xd800
eth1 Link encap:Ethernet HWaddr 00:E0:50:02:30:92
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:4 dropped:0 overruns:0 carrier:8
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:10 Base address:0xec00
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:700 (700.0 b) TX bytes:700 (700.0 b)
[root@girl root]#
On the client systems I use 192.168.1.1 as the gateway, and the IP addresses run from 192.168.1.2 to 192.168.1.14. The DNS remains the same as that of eth0.
In the Internet Explorer browser I specified girl as the hostname and 3128 as the port number. The clients were able to ping the Linux box but were unable to browse. I do not know whether it is the Squid or the NAT configuration that has the problem.
Here is my NAT configuration
iptables=/sbin/iptables
iptables --flush -t nat
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
#Transparent proxy
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
I made it executable with "chmod 755 /etc/rc.d/rc.nat" and also placed "etc/rc.d/rc.nat" in the etc/rc.d/rc.local to enable automatic execution at startup, as you specified in
http://www.linuxsolved.com/forums/ftopic115.html
Here is my SQUID CONFIGURATION
http_port 3128
cache_mem 60 MB
cache_dir ufs /var/spool/squid 1000 16 256
pid_filename /var/run/squid.pid
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
visible_hostname admin.girl.com
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
error_directory /usr/share/squid/errors/English
Please help me out.
-
Well, you are making many mistakes.
Since you have the following structure:
Internet ---> WinXp ---> LinuxBOX(RH9) ----> All clients
then the WinXP box that is connected to the internet should have ICS enabled.
Now, I think eth0 of your Linux box is connected to the WinXP box, so you should set eth0 to obtain its IP address automatically; you can set this using Red Hat's graphical utility for configuring Ethernet cards.
Now, as eth0 in your Linux box is connected to the internet, make a change
in the following:
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
Change ppp0 to eth0, and in the next line change eth0 to eth1.
Your Squid configuration is also wrong.
See the tutorial again about Squid configuration, and specifically look for the Localnet section.
-
Hello Ricky,
I am most grateful for the professional advice you gave to me.
I should have written since, but I was on leave. I used Squid to share my internet access after I resumed from my leave yesterday and it worked for my LAN.
Thanks Ricky