Just curious, why do you run DHCP by itself on one box on a 4 node network? That could easily be moved to the firewall or combined on one of the other boxes. It usually is combined with DNS. I know that is not the point of your question, but I don't understand the need for a separate box.
Never heard of privoxity so I'll have to check it out. I assume it is an add-on to squid. I also don't understand the need for a proxy of this sort for one person. Are you just playing around or do you need to test this setup for something? Sorry, I just don't see the point.
Brian Kelsay
hanasaki <> 09/24/04 09:54PM >>>
the network is
Internet <=> firewall
    Linux with two NICs
firewall <=> internal network

The internal network has hosts with the following:
hostA - one NIC
    SMTP
hostB - one NIC
    http/https
hostC - one NIC
    DHCP server
hostD - one NIC
    squid http proxy : port 8080
    privoxity http proxy filter : port 8081
    privoxity forwards to squid
    squid sends to the outside world
    should the order be swapped? why? why not?
The DHCP server tells clients to route via hostD
How can hostD be set up so that it is a transparent proxy? Currently all clients set their http proxy to hostD on the privocity port. I know some iptables rules will be needed on hostD, but don't know what to set. Will routing rules need to be set on hostD? What are they?
Hi,
On Mon, Sep 27, 2004 at 08:47:23AM -0500, Brian Kelsay wrote:
> Just curious, why do you run DHCP by itself on one box on a 4 node network? That could easily be moved to the firewall or combined on one of the other boxes. It usually is combined with DNS. I know that is not the point of your question, but I don't understand the need for a separate box.
> Never heard of privoxity so I'll have to check it out. I assume it is an add-on to squid. I also don't understand the need for a proxy of this sort for one person. Are you just playing around or do you need to test this setup for something? Sorry, I just don't see the point.
I have run squid on my one node network for a long time and I find it very useful. The best my modem can do is 26400 (when it's not raining) so any speedup in web surfing is easy to detect. When I find it necessary to use a graphical browser, squid will locally cache a lot of the jpeg stuff that never changes but takes time to download. The first hit of a web site may take a while but further hits are quicker.
I think he means privoxy which is just the new name for the new and improved junkbuster. Privoxy works well with squid to even further reduce the load on my poor phone line with the added side benefit of making my surfing experience more pleasant by removing annoying commercial junk.
I also run a cache-only DNS on my single node net but it is harder to tell the improvement this provides.
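
For the transparent-proxy question in the original post, here is an added example (not written by anyone in this thread): a dry-run generator for the one NAT rule hostD needs, since hostD is already the clients' default route. The interface name and LAN range are assumptions; the filter port 8081 is the one given in the post.

```shell
#!/bin/sh
# Added example: prints hostD's transparent-proxy commands for review.
# Assumed values, not from the thread: LAN interface and LAN address range.
LAN_IF="${LAN_IF:-eth0}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"
FILTER_PORT="${FILTER_PORT:-8081}"   # filtering proxy port from the post

# Accept only a decimal TCP port in 1..65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Emit the commands on stdout; nothing is changed on the host.
gen_rules() {
    valid_port "$FILTER_PORT" || { echo "bad port: $FILTER_PORT" >&2; return 1; }

    # hostD is the default route, so everything that is not HTTP must
    # still be forwarded on to the firewall.
    echo "sysctl -w net.ipv4.ip_forward=1"

    # Only packets arriving from LAN clients hit PREROUTING. Traffic that
    # squid itself sends out originates locally and never matches, so
    # there is no redirect loop.
    echo "iptables -t nat -A PREROUTING -i $LAN_IF -s $LAN_NET -p tcp --dport 80 -j REDIRECT --to-ports $FILTER_PORT"

    # Port 443 is deliberately left alone: TLS cannot be redirected into
    # a plain HTTP proxy, so HTTPS is simply routed.
}

# Proxy side (comments only, check against your installed versions):
#   Privoxy: "accept-intercepted-requests 1" so it accepts requests that
#            were not sent in proxy form, plus "forward / 127.0.0.1:8080".
#   squid:   no interception setting needed, because Privoxy talks to it
#            as an ordinary proxy client on port 8080.
```

Review the output of `gen_rules`, then pipe it to `sh` as root on hostD to apply it. This also keeps the order from the post, with the filter in front and squid behind it.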