[squid-users] Squid as gateway
Amos Jeffries
squid3 at treenet.co.nz
Fri Jul 21 16:01:17 UTC 2017
On 22/07/17 02:18, erdosain9 wrote:
> Hi, and thanks
>
> The ROUTERWIFI is a TpLink TL-WR940N.... i dont see in this router any Nat
> option :-(
>
> This is the router table of the SquidBox
>
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 0.0.0.0 10.1.158.1 0.0.0.0 UG 0 0 0
> ens192
> 10.1.158.0 0.0.0.0 255.255.255.0 U 0 0 0
> ens192
> 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0
> ens160
> 169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0
> ens192
> 192.168.0.0 192.168.1.40 255.255.255.0 UG 0 0 0
> ens160
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
> ens160
> 192.168.2.0 192.168.1.1 255.255.255.0 UG 0 0 0
> ens160
> 192.168.6.0 192.168.1.1 255.255.255.0 UG 0 0 0
> ens160
That seems okay. Assuming that 192.168.1.1 is reachable through
192.168.1.40 - but they should be irrelevant for the 192.168.0.0/24
clients even if broken.
>
> If i enable ipv4 forwarding in SquidBox, the clients of the ROUTERWIFI can
> access internet, so i think the router table it's ok.... the clients can go
> to internet but just because ipv4 forwarding is enable (the squid service is
> not getting anything, i dont see nothing in the access.log...) if i disable
> ipv4 forwarding the clients dont go anyway.
What setting exactly are you changing for this "ipv4 forwarding"
enable/disable?
Clients should be fully able to access and use the Internet / WAN
connectivity _through_ the machine called SQUID in your network when the
NAT rules from the Squid wiki config example are omitted.
One thing we have not mentioned AFAIK, is that the FIREWALL machine
needs to have 192.168.0.0/16 gw 192.168.1.20 as its LAN gateway setting
to pass the Internet response traffic back through SQUID machine.
Amos
More information about the squid-users
mailing list