[Dnsmasq-discuss] Re: using squid with dnsmasq and hosts file
Troy Piggins
troy at piggo.com
Fri Aug 1 21:36:24 BST 2008
* sbolic wrote :
>* Troy Piggins wrote:
>>* sbolic wrote :
[ Please don't top-post in technical groups, and please don't
email directly to me, keep it in the list. Thanks.]
>>> I am a new user of dnsmasq using squid on my network.
>>> dnsmasq with dhcp works fine and I need help to config dhcp
>>> to send proxy parameters to clients to force them to use
>>> squid. Can you help me with this or just post your
>>> dnsmasq.conf file.
>>
>> I have set this up recently using iptables, squid, dnsmasq.
>> It's called a transparent proxy. What version of squid are
>> you using? The solution varies slightly from V2 to V3 I
>> think, and also on your network arrangement - what box are you
>> running squid, iptables, dnsmasq on? On mine, they're all the
>> same box.
>
> SuSe 10.2 Squid 2.6 IPTables-1.3.6.-20 Dnsmasq 2.45 all on the
> same box.. Small company network (workgroup) with 15
> workstations. Box is the main server which role has to be :
> Samba server (as domain controller), Nat router, Proxy and
> Firewall and Postfix Mail server. Simon Kelley post me some
> ideas for "wpad", I am working on it but i am not familiar with
> WebServer/Apache so i need little bit time. Finale gaol is to
> setup domain network (Linux server with windows workstations)
> same as under Windows server (except Active Directory).
> Sending proxy parameters, batch job like maintenance profiles
> etc. Please take a look on Simon Kelley post. If you need i
> can send you all of my parameter including conf files.
I saw Simon's post. I was offering you an alternative solution.
I'm using Squid 3. But when I googled it, most solutions on the
internet seemed to be for 2.x versions of Squid anyway. I
googled "squid transparent proxy iptables" when I was searching.
Basically you put a rule like this in your iptables firewall,
which redirects any traffic coming from your LAN interface
(substitute eth0, eth1 etc for $LAN_IFACE or set it as a
variable), destined for port 80 to your squid port 3128
(default).
# iptables -t nat -A PREROUTING -p tcp -i $LAN_IFACE --dport 80 -j REDIRECT --to-port 3128
Then you need to adjust your squid conf file. It's a very well
documented and commented file. These are the things to adjust,
as I understand it, for squid 2.x :
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
Reload/restart squid and I think that's it...
Oooooooh, bugger. I just re-read your OP and saw it was for DHCP
requests not what I thought. Oh well, I'll leave this hear
because it might be handy for you as another solution.
--
Troy Piggins
More information about the Dnsmasq-discuss
mailing list