Scrive Thomas Markus <T.Markus@gsg-berlin.com>:
> Hi,
>
> don't activate maquerading. You don't need it. Why is yout net
> 192.168.0.0/8 ? It should by 192.168.0.0/16 or
> 192.168.0.0/24. Check if your brwoser really use squid.
>
> nicos@spb.cityline.ru wrote:
> >
>
Uhmmm... I think nico's clients are not really using the proxy... it seems
they're goin' out using the NAT instead;
There are a number of problems using ftp & MASQ. Nico, if you REALLY need that
your clients transparently go on "the Net", i suggest you keep use
MASQUERADING and that you think about undergoing a kernel upgrade to v2.4.4
(better support for ftp in netfilter). Instead you you olny need that clients
can get web pages and ftp files, i suggest to disable NAT and do a number of
checks to be sure that clients are really using the proxy; this can be, for
egs.:
check the squid access.log file, which contains information on requests
received from clients and may help you understand if the browsers really query
the proxy and if the proxy really feed them with the requested objects.
check the squid.conf file; look for something like http_access and read
carefully the lines. If you are not confident with squid.conf syntax, you must
read this: http://squid-docs.sourceforge.net/latest/html/book1.htm
check the client's browsers configuration: you must tell them to use the
proxy, unless you want to undergo the procedure to build a transparent proxy.
Kalugen.
Received on Wed May 23 2001 - 04:46:35 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:14 MST