[squid-users] completely transparent Squid
Arkantos
221184 at gmail.com
Sat Aug 29 15:32:47 UTC 2015
hello everybody,
thanks for the show of support. we really appreciate it. god bless.
as the network stands presently, we take delivery from our ISP via fiber. it
feeds into eth0 of the Unify MSC. eth1 is our LAN which is distributed to
all our users.
IP is assigned to each user. eth1 is 172.16.0.1 and users start from
172.16.0.11
right now it is 35 users, but we are expecting an influx of another 120-130
users as our competing service provider is shutting shop. there will be an
influx of even more users as we are actively expanding our geographical
coverage. we are expecting to be with 600 users within a months time.
user IPs are sometimes directly connected to computers, and sometimes to
users' routers.
DHCP is completely disabled.
user authentication is done from Unify MSC by matching user/pass/IP/MAC
using strict method - this is the reason we need completely transparent
proxy.
in India (where i am from) the rules regarding cyber crimes is very very
strict. so we have to maintain complete access logs (which Unify is capable
of doing very cheaply and easily)
the rig on which Squid is installed 2 NICs
currently our topology is like this:
delivery at MUX of ISP --- WAN port of Unify --- LAN port of Unify ---
Distribution network to user's home
we were thinking of this kind of a topology:
delivery at MUX of ISP --- WAN port of Unify --- LAN port of Unify --- WAN
port of Squid --- LAN port of Squid --- Distribution network to user's home
at the moment, i have installed CentOS 7.1.1503 on which Squid 3.3.8 and
Webmin 1.760 are installed.
i have just initialised the cache. and thats that.
on the Squid rig, i can access the internet through eth0
but i am finding it difficult to make the necessary config changes to allow
eth1 to give out connectivity to other computers.
i have tried bridging from this site, but it is not working:
https://sites.google.com/site/ghidit/how-to-2/configure-bridging-on-centos
i dont know how to move forward.
What would you suggest?
please help.
Arkantos.
--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/completely-transparent-Squid-tp4672904p4672949.html
Sent from the Squid - Users mailing list archive at Nabble.com.
More information about the squid-users
mailing list