Internet Access

Status
Not open for further replies.

opensky

Technical User
Aug 9, 2001
32
PK
I installed RedHat 7.1; DNS, NIS and Apache server are all working well. I can access the Internet from my server with the configuration in Netscape "Directly connected to Internet". I can send emails from my server to other networks like hotmail. But I couldn't get emails from the outside world.

But I want my server to be a proxy server. My client machines can configure my server's IP in their browsers and can access the Internet. But my server is not forwarding requests from clients to the Internet. My Apache server is looking on the localhost server and showing an error message to clients that the following URL is not found. Although client machines can get the local web site hosted in my Apache server.

Apache configured.
routing is enabled.
DNS working fine.
sendmail is sending emails but could not receive?

Please Help.
 
Hi,

Apache does have a limited proxy capability via mod_proxy --> . However, most people use either squid as an http proxy server --> or, even simpler, they just use IP masquerading to 'share' the internet connection transparently. For the latter, you can just put a few lines in your /etc/rc.d/rc.local file:

echo 1 >/proc/sys/net/ipv4/ip_forward
/sbin/modprobe ipchains
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -i eth1 -s 172.16.16.0/24 -j MASQ

(Where eth1 is an example of the internet interface on the linux box and 172.16.16.0/24 indicates the LAN subnet to masquerade)

For masquerading, all you need to do on the clients is set the default gateway to the linux box and configure the IP addresses of your ISP's DNS servers. You could do that with DHCP if you were using that. Otherwise on the DNS, you can point clients at your machine and have your server set up to resolve all external names.

The main advantages of using squid vs masquerading are that it does all the DNS side itself, it caches pages for better performance (depends how much people ask for the same content), and it allows fairly granular control such as only permitting access at certain times of day. The disadvantage is that it only does http - not ftp, etc.

If you don't have squid installed ('rpm -q squid') it's probably on your CDs or get it from --> ftp://rpmfind.net/linux/redhat/7.1/en/os/i386/RedHat/RPMS/squid-2.3.STABLE4-10.i386.rpm . Download and install as root with:

rpm -Uvh squid*.rpm

On the email, are you hosting your own domain's email - i.e. do the MX records point to you? If so, double-check your firewall settings (/usr/sbin/lokkit) and make sure you are allowing inbound port 25.

Regards
 
First of all, thanks for your reply.

When I am typing the following command as root login it's showing me an error message like:

echo 1> /proc/sys/net/ipv4/ip_forward

error is:
bash: /proc/sys/net/ipv4/ip_forward: Permission denied

Can you tell me how I get rid of this problem?

I also checked firewall settings with (/usr/sbin/lokkit)

but every time I am allowing incoming email and pressing OK. But when I am going back again with /usr/sbin/lokkit the settings were the same, no change. I mean it could save the configuration always set previous firewall settings as HIGH?
 
Hi,

Are you sure you did the following as root (i.e. from a # prompt)?

echo 1 > /proc/sys/net/ipv4/ip_forward

If it definitely gives an error - what does this command show?

ls -l /proc/sys/net/ipv4/ip_forward

It's redhat specific, but you can also try editing /etc/sysconfig/network and changing:

FORWARD_IPV4=false

to

FORWARD_IPV4=true

That should do the same thing when the network is started.

On lokkit, that seems to be quite problematic for some people - as far as I can work out it doesn't really edit its own file, so every time you run it you get the suggested default of 'high' irrespective of how you last set it. You can see the output it creates in the following file:

/etc/sysconfig/ipchains

The lines there are basically ipchains commands without the 'ipchains' in front of them - that file is read by a script that takes the lines and executes ipchains commands using them as parameters. You can also check your current effective rules by doing:

/sbin/ipchains -L

If you want to stop the firewall temporarily for testing if it's causing a problem, do:

/etc/rc.d/init.d/ipchains stop

Hope this helps
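
The rule file described in the reply above can be checked offline for the inbound port 25 question. This is an added example, not part of the original post and not Red Hat's own script: the function names, the constructed sample rules and the simplified matching are assumptions, and it reports what the first matching input rule does with an inbound TCP connection to a given port.

```shell
#!/bin/sh
# Added example: for a rule file in the style of /etc/sysconfig/ipchains,
# print what the first matching "input" rule does with an inbound TCP
# connection to PORT (first match wins; otherwise the chain policy applies).
# Assumptions: only "-A input" lines are read, addresses and -y are ignored,
# the port is the token after the -d address (N or N:M), "-i lo" is skipped.
first_match_for_port() {    # usage: first_match_for_port PORT < rulefile
    awk -v want="$1" '
    /^[ \t]*#/ || NF == 0 { next }
    $1 == ":input" { policy = $2; next }
    $1 != "-A" || $2 != "input" { next }
    {
        proto = "all"; target = ""; iface = ""; lo = want; hi = want
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
            else if ($i == "-i") iface = $(i + 1)
            else if ($i == "-d" && i + 2 <= NF && $(i + 2) !~ /^-/) {
                n = split($(i + 2), r, ":")
                lo = r[1]; hi = (n > 1) ? r[2] : r[1]
                if (hi == "") hi = 65535
            }
        }
        if (iface == "lo") next
        if (proto != "tcp" && proto != "all") next
        if (want + 0 >= lo + 0 && want + 0 <= hi + 0) { print target; found = 1; exit }
    }
    END { if (!found) print (policy == "" ? "no-policy" : policy) }'
}

# Constructed sample rules (not taken from a real host); $1 is an optional
# extra rule inserted ahead of the REJECT lines.
sample_rules() {
    cat <<EOF
# constructed sample
:input ACCEPT
:forward ACCEPT
:output ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
$1
-A input -p tcp -s 0/0 -d 0/0 0:1023 -y -j REJECT
-A input -p udp -s 0/0 -d 0/0 0:1023 -j REJECT
EOF
}

smtp_rule='-A input -p tcp -s 0/0 -d 0/0 25 -y -j ACCEPT'
echo "as generated:   port 25 -> $(sample_rules | first_match_for_port 25)"
echo "with SMTP rule: port 25 -> $(sample_rules "$smtp_rule" | first_match_for_port 25)"
```

On the server itself the same function can read the real file: first_match_for_port 25 < /etc/sysconfig/ipchains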
 
Just a note to let you both know that this info provided the solution to the problem I've been having since installing my Linux server two weeks ago. Ifincham presented the commands I needed to forward addresses and allow my clients access to the web. Thank you! s-)
 