Hi Henrick!
Please correct me if I am going wrong.
We have 2 networks. One for Dialup users(200.50.67.0/24) and one for LAN(200.50.68.0/24).
Squid machine have 1 NIC.
IP : 200.50.68.7
Virtual interface IP = 200.50.67.2
All class c's upload through the our telecom provider .
-Only 200.50.67.0/24 will be coming through Satellite.
-only 200.50.68.0/24 will be coming back though our telecom provider.
Squid must present itself with different ips as it proxy both networks.
1. Set up squid with two diiferent http_ports.
http_port 200.50.68.7:8080
http_port 200.50.67.2:3128
Ipchains are:
/sbin/ipchains -I input 1 -s 200.50.68.0/255.255.255.0 -d 0/0 80 -p tcp -j REDIRECT 8080
/sbin/ipchains -I input 1 -s 200.50.67.0/255.255.255.0 -d 0/0 80 -p tcp -j REDIRECT 3128
Do I still need the acl aclname myport ... after specify the IPChains above?
2. acl satconc myport 3128
acl lanconc myport 8080
3. acl dialup src 200.50.67.10-200.50.67.2555
acl lan src 200.50.68.0/255.255.255.0
4. http_access deny dialup !satconc
http_access deny lan !lanconc
Thank you very much.
Best regards,
Edward Millington
(Network Administrator & Senior Technical Support Technician)
Cariaccess Communications Ltd.
Carlisle House
Hincks Street
Bridgetown
Barbados
1-246-430-7435
Fax : 1-246-431-0170
www.cariaccess.com
Received on Sat Apr 28 2001 - 19:43:14 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:39 MST