FW: [squid-users] Transparent Proxy not working 100%

From: Steph <[email protected]>
Date: Thu, 27 Jan 2005 17:47:05 +0200

Anybody?

HI there,

I most probably screwed it up somewhere by either
misreading/misunderstanding something when I've setup my transparent
proxy, hence the reason why I'm turning to all you guru's folks over
here.

The problem is that I think my proxy server is going directly for each
site and not checking the cache first each time I either try and
download something or when opening a new page. I've checked the log file
and its definitely caching the new pages when I visit them; it's just
not giving them to me out of the cache when I go there the second time.

Everything works 100% the moment I specify the proxy server manually in
my browser. The way I've tested this was to download a 1m file. First I
specified the proxy manually and on this attempt when I downloaded it
the second time it came from the cache. But when I tried it
transparently it downloaded the file again directly from the site
although I did see the entry pop up in my access.log file.

Here's my setup
================

I'm running squid-2.5.STABLE7
iptables v1.2.8 <Squid BOX>
iptables v1.2.11 <Firewall Box>

IPTABLES:
Firewall Box:
iptables -t mangle -A PREROUTING -j ACCEPT -p tcp --dport 80 -s
193.219.214.12
iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp -s
10.6.0.0/24 --dport 80
ip rule add fwmark 3 table 2
ip route add default via 193.219.214.12 dev eth2 table 2

Squid Box:
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 3128

Squid Confic File:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
acl staff src 10.6.0.0/24
http_access allow bbi

Any ideas would be greatly appreciated.
Kind Regards
Steph
Received on Thu Jan 27 2005 - 08:46:50 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 07 2005 - 12:59:36 MST