So I’m setting up a testing network inside the office network. The front end is a machine running Debian. It’s running shorewall, squid, bind9, dhcpd, pptpd, etc. (you get the idea). The test net is routed through the Debian machine — so I can bring on new random machines and make sure they don’t play mean w/ any other machine inside the office. As I set things up I’m taking little notes here to snowulf so I can remember what goodies there are.
To turn on packet forwarding and make MASQ work in iptables, add the following line to `/etc/sysctl.conf`:
`net.ipv4.ip_forward=1`
Also, to apply the change right now w/o a reboot:
`echo 1 > /proc/sys/net/ipv4/ip_forward`
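A consistency check for the two steps above (added example, not part of the original notes): it reports whether forwarding is enabled at runtime, in the persistent config, or both, so a gateway that only works until the next reboot gets noticed. The function names are made up for this example; the default paths are the two files named above.

```shell
#!/bin/sh
# Added example: compare persistent and runtime IPv4 forwarding state.
# Function names are hypothetical; paths default to the files from the notes
# and can be overridden so the check can run against copies.
# Usage on the gateway: check_ip_forward

# Print the effective net.ipv4.ip_forward value from a sysctl.conf-style file.
# Comment lines (# or ;) and lines without "=" are skipped; last assignment wins.
persistent_ip_forward() {
    awk '
        /^[ \t]*[#;]/ { next }
        {
            n = index($0, "=")
            if (n == 0) next
            key = substr($0, 1, n - 1)
            val = substr($0, n + 1)
            gsub(/[ \t]/, "", key)
            gsub(/[ \t]/, "", val)
            gsub("/", ".", key)   # sysctl also accepts "/" as the separator
            if (key == "net.ipv4.ip_forward") v = val
        }
        END { if (v == "") print "unset"; else print v }
    ' "$1"
}

# Print one of: ok, runtime-only, persistent-only, disabled
check_ip_forward() {
    conf=${1:-/etc/sysctl.conf}
    proc=${2:-/proc/sys/net/ipv4/ip_forward}
    persistent=$(persistent_ip_forward "$conf")
    runtime=$(cat "$proc")
    if [ "$persistent" = "1" ] && [ "$runtime" = "1" ]; then
        echo ok                  # survives a reboot and is active now
    elif [ "$runtime" = "1" ]; then
        echo runtime-only        # echo was run, sysctl.conf line is missing
    elif [ "$persistent" = "1" ]; then
        echo persistent-only     # configured, but not applied yet
    else
        echo disabled
    fi
}
```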
The lines for shorewall to passively redirect all http/ssl/ftp requests to squid:
```
REDIRECT INT 3128 tcp 80
REDIRECT INT 3128 tcp 443
REDIRECT INT 3128 tcp 23
```
To make squid work in transparent mode (Good doc here):
```
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
```