r_balest Posted November 8, 2006
Guys, please help. This is the situation: I built a Linux proxy server using Squid. It has 2 LAN cards. The first one is connected to a switch [Local Area, IP 192.168.9.213]. The second one is connected to an ADSL modem [IP 192.168.254.2]. Now I can ping out from Linux to a Windows XP client [segment 192.168.9.xx] BUT I cannot ping from Windows to Linux... therefore, if I enter IP 192.168.9.213 as my proxy server on the Windows client, it won't connect to the Internet... I have started the samba service, though I don't know how to configure my firewall. Do I configure the shorewall? Here's the network config:
First network card [Local Area]
IP : 192.168.9.213
Mask : 255.255.255.0
Gateway: -
Second network card [ADSL]
IP : 192.168.254.2
Mask : 255.255.255.0
Gateway: 192.168.254.254
michaelcole Posted November 8, 2006
When you set up the proxy settings on the Windows machine, did you tell it the correct port? The two computers seem to be actually communicating or the ping from the Linux box would not work. The reason ping does not work the other way is that ping responses are most likely disabled by the standard firewall settings. To configure Shorewall you will find half the files in /etc/shorewall/ and some reference files in another directory; I cannot think of it right now. But you will see this in the files in that directory. 3127 or 3128 is the default port for squid, I think. If you are not sure, first turn off the shorewall: as the root user, type
shorewall stop
then test, then restart it again:
shorewall start
r_balest Posted November 8, 2006
@michael: thanks for the reply... but I have even removed the shorewall service and still I couldn't ping from the Windows box to Linux... the logic is, if I can't even ping my Linux box, then the proxy won't work, right? Now I have to do something so that the Windows box can recognize the Linux network somehow...
michaelcole Posted November 8, 2006
If you are getting a reply from the Windows machine when you do a ping, then the Windows machine can find the server. The other thing you may want to do is add a gateway to the Windows box, which is the internal IP address of the Linux (gateway - firewall - proxy) machine. Can you surf the web from the Linux machine right now? The other thing is you may not be able to surf as the Windows machine cannot find the DNS record; try an external IP address, such as 64.236.16.20 (www.cnn.com).
r_balest Posted November 8, 2006
No, I get a "Request time out" every time I ping. And I can browse the internet from my Linux box without entering a proxy or anything like that...
michaelcole Posted November 8, 2006
In your first comment you said you could ping the WinXP box, is that correct? Check your gateway settings on the XP box and disable the XP firewall settings for the moment. The gateway should be 192.168.9.213. On the Linux box, as root, type mcc, go to the networking icon and select share the internet connection with other local machines. It should install any files you need and configure the settings for you after you go through the options. Then you should be able to ping an external IP address from the XP machine, e.g. the CNN one I gave above, and also surf the internet (with and without the squid proxy setting). You can then lock down surfing using the firewall so it all has to go through the proxy. Try this... It worked for me in my other office.
ianw1974 Posted November 8, 2006
If Linux is managing the connection, you don't need to use internet connection sharing in Windows XP. So don't attempt to share the connection on your XP boxes. It's strange that you can't ping it. If they are in the same IP range/subnet, then they should work. Check your IP settings.
r_balest Posted November 8, 2006
Hmm... michael and ian: believe it or not, I tried clicking the internet share connection on my LINUX box... and it worked... I wonder... should I do this EVERY TIME? Oh yeah, a bit off topic here: how do I turn off Kat Desktop Search Environment... it's bugging me... thanks guys...
ianw1974 Posted November 8, 2006
The easiest and best way is:
urpme kat
It's a complete waste of time and best to remove. If you've done the connection sharing in Linux, it should then allow you to work with this each and every time the system is restarted, or are you having problems with this and have to run it each time?
r_balest Posted November 8, 2006
No, I haven't restarted my Linux box yet... too scared to restart it. I'm afraid it won't work anymore :P
Btw, I wanna ask something. I have a client [Windows XP] and she's downloading using a bittorrent client [bitcomet], but I saw in /var/log/squid/access.log it's written:
1159565630.084 1 192.168.9.46 TCP_DENIED/403 1350 CONNECT tracker.prq.to:80 - NONE/- text/html
Now, what should I do? Please help... coz my boss wants her to be able to download from torrent... On bitcomet I set the preference: proxy: 192.168.9.213 [my Linux box] port 80, listen port: 9695. Thanks a lot guys
ianw1974 Posted November 8, 2006
You'd have to configure squid to allow the port through. Is the torrent downloading fine though?
r_balest Posted November 8, 2006
:) No, currently she can't download a thing and I'm the one who gets scolded if she can't download anything... :) Where should I allow the port, ian? Thanks
Edit: umm... seems that I didn't back up the original squid configuration... can somebody please send it to me, the original squid configuration... Thanks...
Edited November 8, 2006 by r_balest
ianw1974 Posted November 8, 2006
With squid, you need to set access rules and stuff. You can look at /etc/squid/squid.conf and then look for http_access entries lower down the file, from the middle down. Above this are access control lists that usually start:
acl name_of_list parameters
then you set a http_access for this acl to allow, and for what machines, etc.
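An added example, not part of any post in the thread: a small triage script that reads Squid's native access.log format and reports which denied CONNECT requests target a port outside the SSL_ports ACL, which is what the `tracker.prq.to:80` entry quoted above looks like. It assumes the stock squid.conf defaults (`acl SSL_ports port 443 563` and `http_access deny CONNECT !SSL_ports`); apart from the first line, the sample log is constructed.

```python
from collections import Counter

# Assumption: stock squid.conf defaults ("acl SSL_ports port 443 563" and
# "http_access deny CONNECT !SSL_ports"); edit to match your own file.
SSL_PORTS = {443, 563}

# First line is the entry quoted in the thread; the others are constructed.
SAMPLE_LOG = """\
1159565630.084 1 192.168.9.46 TCP_DENIED/403 1350 CONNECT tracker.prq.to:80 - NONE/- text/html
1159565631.200 310 192.168.9.46 TCP_MISS/200 5120 CONNECT secure.example.test:443 - DIRECT/203.0.113.10 -
1159565640.500 2 192.168.9.50 TCP_DENIED/403 1340 GET http://www.example.test/ - NONE/- text/html
1159565641.000 1 192.168.9.46 TCP_DENIED/403 1350 CONNECT tracker.prq.to:80 - NONE/- text/html
"""

def parse_line(line):
    """Split one native-format access.log line into named fields."""
    f = line.split()
    if len(f) < 10:
        return None  # truncated or non-native line
    code, _, status = f[3].partition("/")
    return {"time": float(f[0]), "client": f[2], "code": code,
            "status": int(status), "method": f[5], "url": f[6]}

def connect_target(url):
    """CONNECT requests log 'host:port' rather than a full URL."""
    host, _, port = url.rpartition(":")
    return host, (int(port) if port.isdigit() else None)

def denied_connects(log_text):
    """Count denied CONNECTs per (client, host, port, likely reason)."""
    hits = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["code"] != "TCP_DENIED" or rec["method"] != "CONNECT":
            continue
        host, port = connect_target(rec["url"])
        reason = ("port not in SSL_ports" if port not in SSL_PORTS
                  else "denied by another http_access rule")
        hits[(rec["client"], host, port, reason)] += 1
    return hits

if __name__ == "__main__":
    for (client, host, port, reason), n in denied_connects(SAMPLE_LOG).items():
        print(f"{client} -> {host}:{port} x{n}: {reason}")
```

Knowing which client and destination port triggered the denial lets any new `acl`/`http_access allow` pair be scoped to that one source and port instead of opening CONNECT for every port.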
r_balest Posted November 8, 2006
But how do I enter the port number 9596, ian? Can you please post the configuration here, and if u can, please direct me to the original squid configuration file. Thanks
ianw1974 Posted November 8, 2006
I'll have to take a look to remind myself, I'll post back shortly.