Hello, I have configured a squid transparent proxy in my network with the instructions found here : http://www.shorewall.net/Shorewall_Squid_Usage.html#Local This works perfectly, and has been like that for ages. But I followed the instructions like a robot, and I don't really understand every instruction (I understand the logic, but didn't want nor have to read the whole shorewall TC documentation to make it work). Now I have a VoIP server in my network, and would like to prioritize trafic to/from that service (the protocol is IAX, so quite easy to handle). The easiest would be to switch to TC_ENABLED=Simple, but then my squid setup wouldn't work anymore. So my question : is there a way to handle a squid transparent proxy with TC_ENABLED=Simple ? Alternatively, is there a simple way to prioritize IAX traffic to/from my VoIP server in my current configuration ? Thanks, -- Rémi ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
On 6/17/10 2:28 AM, Rémi Letot wrote:> Hello, > > I have configured a squid transparent proxy in my network with the > instructions found here : > > http://www.shorewall.net/Shorewall_Squid_Usage.html#Local > > This works perfectly, and has been like that for ages. But I followed > the instructions like a robot, and I don''t really understand every > instruction (I understand the logic, but didn''t want nor have to read > the whole shorewall TC documentation to make it work). > > Now I have a VoIP server in my network, and would like to prioritize > trafic to/from that service (the protocol is IAX, so quite easy to > handle). The easiest would be to switch to TC_ENABLED=Simple, but then > my squid setup wouldn''t work anymore.I don''t understand why your Squid setup would be affected by setting TC_ENABLED=Simple; please explain. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ ThinkGeek and WIRED''s GeekDad team up for the Ultimate GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo
Tom Eastep <teastep@shorewall.net> writes:> On 6/17/10 2:28 AM, Rémi Letot wrote: >> Hello, >> >> I have configured a squid transparent proxy in my network with the >> instructions found here : >> >> http://www.shorewall.net/Shorewall_Squid_Usage.html#Local >> >> This works perfectly, and has been like that for ages. But I followed >> the instructions like a robot, and I don't really understand every >> instruction (I understand the logic, but didn't want nor have to read >> the whole shorewall TC documentation to make it work). >> >> Now I have a VoIP server in my network, and would like to prioritize >> trafic to/from that service (the protocol is IAX, so quite easy to >> handle). The easiest would be to switch to TC_ENABLED=Simple, but then >> my squid setup wouldn't work anymore. > > I don't understand why your Squid setup would be affected by setting > TC_ENABLED=Simple; please explain.squid is configured as a transparent proxy. That means that the machines in my network do not need to be configured to use the proxy, they don't even know that they are proxied. Shorewall is just configured to transparently redirect all http trafic to the proxy using the instructions found here : http://www.shorewall.net/Shorewall_Squid_Usage.html#Local Those instruction seem to depend on TC_ENABLED=internal The squid configuration itself is not impacted, but squid won't receive any traffic if shorewall stops redirecting it. Thanks, -- Rémi ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
On 6/18/10 2:10 AM, Rémi Letot wrote:> Those instruction seem to depend on TC_ENABLED=internalThose instructions do not mention TC_ENABLED at all. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ ThinkGeek and WIRED''s GeekDad team up for the Ultimate GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo
On 6/18/10 5:44 AM, Tom Eastep wrote:> On 6/18/10 2:10 AM, Rémi Letot wrote: > >> Those instruction seem to depend on TC_ENABLED=internal > > Those instructions do not mention TC_ENABLED at all.The tcrules file is processed for all settings of TC_ENABLED except TC_ENABLED=No. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ ThinkGeek and WIRED''s GeekDad team up for the Ultimate GeekDad Father''s Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo