Community discussions

MUM Europe 2020
 
nina
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Sat Jan 29, 2011 1:30 am

MT+external squid(transparent)

Sat Feb 19, 2011 2:46 pm

I search through forum but cannot found situation which is similar to me

Is it possible to:

clients->MT->squidbox -> MT -> internet

Im not working with private pools only public pools (routed ip)

MT have 3 ethers(one for clients, one for squid box, one for internet)
squid have one ethernet port

any options?
 
nina
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Sat Jan 29, 2011 1:30 am

Re: MT+external squid(transparent)

Mon Feb 28, 2011 1:15 am

Solved!
 
rumiclord
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Fri Jul 23, 2010 10:20 pm

Re: MT+external squid(transparent)

Fri Mar 11, 2011 7:18 pm

hello nina, would you be nice enough to share what you found out. I am using:
/ip firewall nat
chain=dstnat action=dst-nat to-addresses=172.16.1.1 to-ports=3128 
     protocol=tcp src-address=172.16.0.2 in-interface=ether2 dst-port=80 
Getting error "The requested URL could not be retrieved"
The following error was encountered:
Invalid Request

However everything works fine if i disable the nat rule and place the proxy info into Internet Exploder. I am wondering if this is similar to what you encountered.
 
User avatar
sjwrick
Frequent Visitor
Frequent Visitor
Posts: 77
Joined: Tue Jul 25, 2006 10:12 pm

Re: MT+external squid(transparent)

Sun Mar 13, 2011 8:15 am

Doing thia for a school. We are using dansguardian with squid along with mikrotik transparent proxy.

I use port 8080 for dansguardian. If you don't use dansguardian I think you'd use squid port 3128
ofcourse

/ip address print
0 10.1.1.1/24 10.1.1.0 10.1.1.255 Lan
1 10.1.2.1/24 10.1.2.0 10.1.2.255 Proxy
2 192.168.x.2/30 192.168.x.0 192.168.x.3 RealWord

/ip firewall nat print
chain=dstnat action=redirect to-ports=8080 protocol=tcp src-address=10.1.1.0/24 dst-port=80
chain=srcnat action=masquerade src-address=10.1.1.0/24 out-interface=RealWord
chain=srcnat action=masquerade src-address=10.1.2.0/24 out-interface=RealWord

/ip proxy print
enabled: yes
src-address: 0.0.0.0
port: 8080
parent-proxy: 10.1.2.2
parent-proxy-port: 8080
cache-administrator: "webmaster"
max-cache-size: unlimited
cache-on-disk: no
max-client-connections: 600
max-server-connections: 600
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-drive: system

Rick
 
rumiclord
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Fri Jul 23, 2010 10:20 pm

Re: MT+external squid(transparent)

Thu Mar 17, 2011 3:54 pm

OK I have solved the issue with the proxy not loading pages for the end users. In the webmin under squid -> Proxy and Networking. The proxy addresses and ports Option field needs the word "Transparent" without quotes. However I am running into an issues with the proxy timing out on pings when running the squid service, also clients are complaining that some pages will not load or that the internet is running very slow. If anyone has some insist on this issue please let us know, but i imagine this is a question for the squid forum at this point.
 
nina
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 51
Joined: Sat Jan 29, 2011 1:30 am

Re: MT+external squid(transparent)

Wed Mar 23, 2011 3:06 pm

Rumiclord,


1.You must have good hardware for proxy, min core 2 duo, 4gb ram and etc etc

2.Squid.conf must be very well optimized to get maximum performance.

regards
 
rumiclord
Frequent Visitor
Frequent Visitor
Posts: 65
Joined: Fri Jul 23, 2010 10:20 pm

Re: MT+external squid(transparent)

Wed Apr 13, 2011 7:48 pm

Intel(R) Xeon(R) CPU E5430 @ 2.66GHz, 8 cores
RAM: 15.86 GB total, 607.59 MB used

The hardware is not the issue. I think i found some threads about needing to upgrade to a new squid version, then something about webmin needed to be recompiled, but real work has side tracked me from this issue. I will post results when I get a working config.

Who is online

Users browsing this forum: alexcherry, casperjjordaan, Google [Bot], gurvkukreti, JohnNL, Kindis, mradil606 and 167 guests