Where can I find those mini/nano ITX casing?
I wanted to use those router distro for a long time but it is too bulky on my old box.
DIY Router, Turning ur old pc into gaming router
|
|
 Oct 29 2006, 01:21 PM
Return to original view | Post
#1
|
 
Senior Member
700 posts Joined: Aug 2005 
|
|
Quote|
|
|
|
|
Oct 29 2006, 03:13 PM
Return to original view | Post
#2
|
|
Senior Member
700 posts Joined: Aug 2005
|
Damn I was about to download ClarkConnect but the community edition doesn't have support for multi-WAN connections, so I'll go for pfSense instead... maybe
Does ClarkConnect has a transparent squid built-in? can I compile custom applications? I hope it allows me to bind with another ethernet interface & manually divert high bandwidth connections to another gateway. |
|
|
Oct 30 2006, 02:37 AM
Return to original view | Post
#3
|
|
Senior Member
700 posts Joined: Aug 2005
|
QUOTE(angeldothack @ Oct 29 2006, 08:07 PM) bind with another eth interface - ..? sorry, i'm not that good with networking stuff. but u can specify what the eth role, and what it's function. anyway, if the builtin webgui doesn't satisfy you (very basic function), you can install webmin (custom for cc, just use apt-get install)for advance administration what i mean is I wanted to make it capable of handling multi WAN connections even though the community version doesnt have or allow that feature enabled.  |
|
|
Nov 2 2006, 03:34 AM
Return to original view | Post
#4
|
|
Senior Member
700 posts Joined: Aug 2005
|
I dont see a built-in hotspot management system for clarkconnect, guess you need to install it manually.
Is it possible to route transparent squid traffics binded on a virtual IP to another gateway? or better, route transparent squid traffics to another gateway without virtual IP (so I spend less time with the configurations). If yes then I'm gonna hook my new box to the "real" world tomorrow  This post has been edited by strace: Nov 2 2006, 03:46 AM |
|
|
Nov 2 2006, 01:18 PM
Return to original view | Post
#5
|
|
Senior Member
700 posts Joined: Aug 2005
|
buy an internal modem?
|
|
|
Nov 2 2006, 02:35 PM
Return to original view | Post
#6
|
|
Senior Member
700 posts Joined: Aug 2005
|
Nope you can't do that but there is a ADSL modem PCI adapter. There is no guarentee if kernel can detect teh devices or not
|
|
|
|
|
|
Nov 2 2006, 10:11 PM
Return to original view | Post
#7
|
|
Senior Member
700 posts Joined: Aug 2005
|
QUOTE(mokona_modoki @ Nov 2 2006, 06:48 PM) Sorry, i'm pretty outdated with current software trends for router. What is the relations between virtual IP and squid ? Do you mean: CODE a) user PC -> squid <-> router<->internet Or, b) user PC -> router <-> squid | internet For a) it's quite obvious, you'll need to set router as gateway for squid proxy. In b) case, you'll need NAT. For Linux with iptables, see: http://tldp.org/HOWTO/TransparentProxy-6.html#ss6.2 CODE Clients -> router -> WAN1 (default) | | + squid -> WAN2 *Router & squid are from the same machine. I need to bind squid with a virtual IP then route add virtualip gw wan2 ethx so that squid will use WAN2 connection, correct? |
|
|
Nov 3 2006, 12:07 PM
Return to original view | Post
#8
|
|
Senior Member
700 posts Joined: Aug 2005
|
QUOTE(mokona_modoki @ Nov 2 2006, 11:27 PM) First, let's redraw the diagram: Wow, clarkconnect doesn't have development tools installed by default. Besides this software will expire within a year, I dont want to recompile the kernel again annually.CODE Clients -> router -> WAN1 (other traffic) | | WAN2(squid traffic only, eg: http) To simplified, what you want is to route based on tcp port number. I'm not sure what OS you're using but it can be done as follow (in Linux iptables lingo): 1 - use NAT to redirect tcp destination port(dport) 80 to 3128(squid port). You'll also need MASQ/DNAT here for return packet... iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 2 - use packet mangle, set all traffic with tcp dport 80 to some MARK value(let say 2). iptables -A PREROUTING -i eth0 -t mangle -p tcp --dport 80 -j MARK --set-mark 2 3 - use iproute2 to route all traffic marked with 2 to pass through WAN2 echo 202 www.out >> /etc/iproute2/rt_tables ip rule add fwmark 2 table www.out ip route add default via WAN2_IP_ADDR dev wan2 table www.out ip route flush cache Well, quite interesting setup you have there.. I'm not sure if my instruction work or not(as i never test that) but i think it will. You may need to change/play around it to test. Feedbacks are welcomed. After all, i'm still n00bish in this kind of things EDITED:-- after some re-read i think my packet mangling section is wrong... We should mark packet output from squid not incoming. So, the question is how to mark packet outputted from squid ?... EDITED:-- Some answers: http://lists.netfilter.org/pipermail/netfi...ril/060108.html http://www.squid-cache.org/mail-archive/sq...00505/0698.html Since squid packets can't be marked without ROUTE mangle, how about I put it this way: CODE Clients -> router -> WAN1 (squid traffics) | | WAN2(other traffics) Yes this is more simple, divert all connections excluding squid/other ports to WAN2. Sorry, I'm really bad with iptables  |
|
|
Nov 3 2006, 12:33 PM
Return to original view | Post
#9
|
|
Senior Member
700 posts Joined: Aug 2005
|
yeah, security wise yes but not that much. You wouldn't know some people who managed to break in might compile sniffers or custom "files" in your router.
|
|
|
Nov 4 2006, 07:16 PM
Return to original view | Post
#10
|
|
Senior Member
700 posts Joined: Aug 2005
|
QUOTE(mokona_modoki @ Nov 3 2006, 07:04 PM) In former problem: Thanks, I'll try that on monday No, there is no need for squid patching. My mangle rule is wrong, the correct one is already answered in the mailing list.....blah blah |
| Change to: |  0.0187sec
 0.48
 7 queries
 GZIP Disabled
Time is now: 16th December 2025 - 12:31 PM |
All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)
Powered by Invision Power Board © 2025 IPS, Inc.