1

I'm trying to set up a squid proxy server using Ubuntu server 12.04

I'm very new to Ubuntu but I have managed to get some simple things done.

I bought a second PCI interface and have managed to install it on the server.

My goal is to forward all packets from one interface (or subnet) to another. I think this is one of the first steps before configuring squid itself.

From my Ubuntu server I can ping devices in both subnets. but from my laptop, which is in subnet 192.168.0.0 /24, I cannot ping my router, which is in the other subnet 192.168.1.0/24.

Both router and laptop respond to ICMP requests when sent from my Ubuntu server.

I have also activated net.ipv4.ip_forward=1 in sysctl.conf

output of sudo ip route :

default via 192.168.1.254 dev eth1 metric 100
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.200
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.200

output of sudo iptables -nvL :

Chain INPUT (policy ACCEPT 339 packets, 55782 bytes) 

Chain FORWARD (policy ACCEPT 185 packets, 12382 bytes) 

Chain OUTPUT (policy ACCEPT 276 packets, 25481 bytes)

Do you have any idea why this setup won't work? I'm sure I'm missing something.

GMX750
  • 13
  • 4
  • Please provide the output of `iptables -nvL`. Can you ping the server's IP in the same subnet as the laptop (i.e. 192.168.0.200)? – mgorven Jul 10 '12 at 04:41
  • `Chain INPUT (policy ACCEPT 339 packets, 55782 bytes) Chain FORWARD (policy ACCEPT 185 packets, 12382 bytes) Chain OUTPUT (policy ACCEPT 276 packets, 25481 bytes) ` I cannot figure out this mini-Markdown formatting -.-" – GMX750 Jul 10 '12 at 18:18
  • Rather edit your question when adding additional information. – mgorven Jul 10 '12 at 18:50
  • Can you ping the server's IP in the same subnet as the laptop (i.e. 192.168.0.200)? What's the default gateway on the laptop? – mgorven Jul 12 '12 at 00:49
  • Yes i can ping 192.168.0.200 and 192.168.1.200 as well. my laptop's default gateway is 192.168.0.200. – GMX750 Jul 12 '12 at 08:28
  • Have you configured the router with a route to 192.168.0.0/24? – mgorven Jul 12 '12 at 16:42
  • No I have not. I was trying to do that yesterday, since the router does not know about the 192.168.0.0 network, It forwards the packets to my ISP. how can I add a route on an ISP provided, web managed router? It is a Thomson TG787 router – GMX750 Jul 13 '12 at 10:50

2 Answers2

1

The problem is that the router you are trying to contact doesn't know how to route the packets back to the laptop, since it doesn't know about the 192.168.0.0/24 subnet. The packets from the laptop arrive at the router, but the response packets either get sent to the wrong place (the Internet), or don't get sent at all.

You need to configure the router with a static route for 192.168.0.0/24 via 192.168.0.200. Doing this depends on the specific router you have, but look through the web interface for a section about routing.

mgorven
  • 30,615
  • 7
  • 79
  • 122
  • Thanks for the repply. I have been thinking about the problem and yes you are right. my router does not know about the two networks reachable from the same interface. It's a Speedtouc Thomson TG787. I will have a look at the CLI reference guide. Thanks again – GMX750 Jul 15 '12 at 21:34
0

To enable Linux to route packets between interfaces, turn on IPv4 routing by running this command:

sysctl -w net.ipv4.ip_forward=1

To make it a permanent change, add it to /etc/sysctl.conf:

net.ipv4.ip_forward = 1
Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
  • thanks for the reply, but, I already did that. "I have also activated net.ipv4.ip_forward=1 in sysctl.conf" – GMX750 Jul 10 '12 at 09:21