<div dir="ltr"><div><div><div>Dear all,<br><br></div>i have configured squid 3.5.26 SSL bump on CENTOS 6.2 to share internet and delay pools to control bandwidth (my configuration files attached)<br><br><br></div>Problem what i facing and not understanding the issue.<br><br>1- clients who send request- proxy setting working fine with this directive http_port 3128 <br></div><div> - Delay pools working fine, internet browsing to all clients using proxy is working.<br></div><div><br></div><div>2- When transparent proxy clients sent http request via iptables ... REDIRECT.<br>http_port 3129 intercept</div><div>OR</div><div>When transparent proxy clients sent https request via iptables ... REDIRECT.<br>https_port 3130 intercept ssl-bump generate-host-certificates=on<br>dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_certs/squid.pem<br><br></div><div>I observed the problem in both cases when client sent request through IPTABLES Squid service got failed. When i stop iptables and start squid then it start working.</div><div>-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3129<br>-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 3130<br></div><div><br></div><div>3- my objective to setup squid.</div><div> * Internet sharing to Proxy setting configured clients.</div><div> * Internet sharing to Proxy Transparent clients (Those request directed to server from ip route 0.0.0.0 0.0.0.0 Proxy-IP from CISCO Network for HTTP and HTTPS Requests without configuring proxy setting (coming from wireless).<br> * delay pools for HTTP and HTTPS both browsing for proxy & transparent clients.</div><div><br></div><div><br></div><div>Kindly if somebody help me to fix my problems and if share any setting which works. I had added ssl bump certificate because the service was crashing again and again without any reason after a few days or sometime on same day.<br></div><div><br clear="all"></div><div><div><div><br>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">With Regards,<br>
<p><br><b style="font-size:12.8px"><span style="color:rgb(23,54,93);background-image:initial;background-position:initial;background-repeat:initial">Arsalan Hussain</span></b><b style="font-size:12.8px"><span style="color:rgb(192,80,77)"></span></b></p><div><b><font size="2">If you don't fight for what you want, don't cry for what you lose</font></b><font size="2"><b>.</b></font></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div>
</div></div></div></div>