[squid-users] questions setting up transparent proxy
Antony Stone
Antony.Stone at squid.open.source.it
Wed Jan 3 20:26:55 UTC 2018
On Wednesday 03 January 2018 at 21:06:42, John Ratliff wrote:
> When I try to setup squid as a transparent proxy, I never get any
> response from Squid.
> When I try a wget request from a server that is being redirected
How (and more importantly, where) are you doing the redirect?
> Both machines are behind the same firewall. I used
> iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to
> 10.77.9.120:3128
If that firewall is not on the machine running Squid, then that's your problem.
> Traffic flows to the server running squid. I can verify this with
> tcpdump. The packets are making it from wget to the server. I just don't
> know what happens after that.
https://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect
"NOTE: This configuration is given for use *on the squid box*. This is required
to perform intercept accurately and securely. To intercept from a gateway
machine and direct traffic at a *separate squid box* use policy routing."
https://wiki.squid-cache.org/ConfigExamples/Intercept/IptablesPolicyRoute
Antony.
--
Schrödinger's rule of data integrity: the condition of any backup is unknown
until a restore is attempted.
Please reply to the list;
please *don't* CC me.
More information about the squid-users
mailing list