RE: [squid-users] Transparent Proxy not working 100%

From: Vik Heyndrickx <[email protected]>
Date: Thu, 27 Jan 2005 20:53:17 +0100

> -----Original Message-----
> From: Steph [mailto:steph@gabswave.net]
> Sent: Thursday, January 27, 2005 4:47 PM
> To: squid-users@squid-cache.org
> Subject: FW: [squid-users] Transparent Proxy not working 100%
>
> Squid Box:
> iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT
> --to-port 3128
>
> Squid Confic File:
> httpd_accel_host virtual
> httpd_accel_port 80
> httpd_accel_with_proxy on
> httpd_accel_uses_host_header on
> acl staff src 10.6.0.0/24
> http_access allow bbi
>
>
> Any ideas would be greatly appreciated.
> Kind Regards
> Steph
>
>
>
>

This is my complete squid-2.5.STABLE6-3 configuration file. It works as a
transparent proxy, and according to the log files it works OK.

http_port xxx.xxx.xxx.xxx:8081
icp_port 0
snmp_port 0
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
cache_mem 64 MB
cache_peer xxx.xxx.xxx.xxx parent 8080 0 no-query round-robin
cache_peer xxx.xxx.xxx.xxx parent 8080 0 no-query round-robin
cache_peer xxx.xxx.xxx.xxx parent 8080 0 no-query round-robin
refresh_pattern -i ^http:.*\.html$ 1440 20% 10080
refresh_pattern -i ^http:.*\.htm$ 1440 20% 10080
refresh_pattern -i ^http:.*\.pdf$ 10080 50% 40320
refresh_pattern -i ^http:.*\.ps$ 10080 50% 40320
refresh_pattern -i ^http:.*\.gif$ 10080 50% 40320
refresh_pattern -i ^http:.*\.png$ 10080 50% 40320
refresh_pattern -i ^http:.*\.jpg$ 10080 50% 40320
refresh_pattern -i ^http:.*\.jpeg$ 10080 50% 40320
refresh_pattern -i ^http:.*\.mpeg$ 10080 50% 40320
refresh_pattern -i ^http:.*\.mpg$ 10080 50% 40320
refresh_pattern -i ^http:.*\.wmv$ 10080 50% 40320
refresh_pattern -i ^ftp: 1440 20% 10080
refresh_pattern -i ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl all src 0.0.0.0/0.0.0.0
acl HTTP proto HTTP
http_access allow all
never_direct allow HTTP
ie_refresh on
log_mime_hdrs off
maximum_object_size 16384 KB
cache_dir ufs /var/spool/squid 10820 64 64
header_access X-Forwarded-For deny all
header_access Via deny all
header_access Accept-Encoding deny all
never_direct allow all
always_direct deny all

If anyone has any comments about this, _please_ shoot.

--
Vik
Received on Thu Jan 27 2005 - 12:53:26 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 07 2005 - 12:59:36 MST