Re: [squid-users] transparent proxy

From: Askar <[email protected]>
Date: Wed, 30 Mar 2005 10:02:22 +0500

jcd.van.dijk@hccnet.nl wrote:

>Hello
>
>I can not get squid to work transparent.
>
>I have the following in ipchains
>
>-A input -p tcp -s 0/0 -d 0/0 80 -j REDIRECT 8080
>-A input -p tcp -s 192.87.209.0/24 -d 0/0 80 -j REDIRECT 8080
>
>And this in squid.conf
>
>http_port 200.1.1.250:8080
>httpd_accel_host virtual
>httpd_accel_port 80
>httpd_accel_with_proxy on
>httpd_accel_uses_host_header on
>
>http_port 192.87.209.250:8080
>
>icp_port 3130
>#htcp_port 4827
>
>#mcast_groups 239.128.16.128
>#
>tcp_outgoing_address 192.168.10.2
>
>
>
>
>
>
check your iptables rule coz i can see a syntax error in it
this is the correct rule

#iptables -t nat -A PREROUTING -i eth0 -p tcp -s 0/0 --dport 80 -j
REDIRECT --to-port 8080

also do confirm you are not droping legitimate traffic to your cache
serever, i-e if you are running a firewall on the same machine /cache
then make sure you allow legitimate traffic IN and OUT.

Or Just make your default Policy ACCEPT (less secure)

regards
Received on Tue Mar 29 2005 - 21:55:43 MST

This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:03 MST