I have squid operating well on a small NAT network. Currently - all
clients select "automatic proxy detection" and that is all working
correctly with proxy.pac script on the http server.
I wanted to ensure that the proxy is handling ALL http traffic ALL of
the time - so I can be confident of the statistics generated by sarg
(squid analysis and report generator).
I thought this should e easy. I have a netgear DG834G router acting as
the internet DSL connection. I added 2 outgoing firewall rules in the
Dg834G:
1) allow all going traffic from the squid servers local IP.
2) Block port 80 traffic from all (other) local ip addresses.
When I apply these 2 rules - the network experiences erratic internet
access. Some sites work some of the time - but not everything works
correctly. I have tried disabling the above rules - then enabling just
rule 1 - and even then the network behaves erratically. Note that rule 1
is an "allow" rule. But as soon as I disable both rules - everything
returns to normal.
This seems very weird to me. Can anyone suggest some subtlety I am
overlooking?
I have checked the netgear knowledge base and there are no glaring bugs
reported related to this behaviour. I have updated to the latest netgear
firmware. I can only assume the DG834 is not behaving as expected. Can
anyone se another explanation?
In case it is relevant - the linux box is performing squid, dns, dhcp,
http and lots of other stuff but the dg834 is performing NAT (and only NAT).
Thanks
Richard.
Received on Tue Jan 13 2009 - 13:44:43 MST
This archive was generated by hypermail 2.2.0 : Tue Jan 13 2009 - 12:00:03 MST