<div dir="ltr"><div dir="ltr"><div>Dear list,</div><div><br></div><div>I hope you can give me some hints for my current task.</div><div><br></div><div>I would like to achieve the following:<br><br>1. A user comes with the own device, for example phone or table.<br>2. The user connects to our own WLAN network<br>4. The user enters the addres of our website <br>3. The user can only access our website, which is hosted in a sever *not connected* to the internet.<br><br>We have the following set up<br><br>Tablets / phones <---> WLAN router <---> server <br><br>please note that there is *no* connection to internet. The server is connected to the "internet" port of the router.<br><br>The server runs ubuntu & apache.<br><br>I've been trying to achieve this with squid but I get a **warning of a forwarding loop**. I do not know what I'm doing wrong. <br><br>I'm following this:<br><a href="https://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect">https://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect</a><br><a href="https://wiki.squid-cache.org/SquidFaq/ReverseProxy">https://wiki.squid-cache.org/SquidFaq/ReverseProxy</a><br><br>Here are my conf files:<br><br>****squid.conf****<br><br>   http_port 3128 intercept<br>   http_port <a href="http://192.168.0.188:80">192.168.0.188:80</a> accel defaultsite=<a href="http://our.domain.org">our.domain.org</a><br>   http_port <a href="http://192.168.0.188:443">192.168.0.188:443</a> accel defaultsite=<a href="http://our.domain.org">our.domain.org</a><br>   cache_peer 127.0.0.1 parent 80 0 no-query originserver name=myAccel<br>   acl our_sites dstdomain <a href="http://our.domain.org">our.domain.org</a><br>   http_access allow our_sites<br>   cache_peer_access myAccel allow our_sites<br>   cache_peer_access myAccel deny all<br>   visible_hostname squid.proxy<br>   acl SSL_ports port 443<br>   acl CONNECT method CONNECT<br>   http_access deny !Safe_ports<br>   http_access deny CONNECT !SSL_ports<br>   http_access allow localhost manager<br>   http_access deny manager<br>   http_access allow localhost<br>   http_access allow all<br>   coredump_dir /var/spool/squid<br>   refresh_pattern ^ftp:       1440   20%   10080<br>   refresh_pattern ^gopher:   1440   0%   1440<br>   refresh_pattern -i (/cgi-bin/|\?) 0   0%   0<br>   refresh_pattern (Release|Packages(.gz)*)$     0      20%    2880<br>   refresh_pattern .       0   20%   4320<br><br><br>****apache ports.conf****<br><br>   #With Squid<br>   Listen <a href="http://127.0.0.1:80">127.0.0.1:80</a><br>   <br>   #Without Squid<br>   #Listen 80<br>   <br>   <IfModule ssl_module><br>       Listen 443<br>   </IfModule><br>   <br>   <IfModule mod_gnutls.c><br>       Listen 443<br>   </IfModule><br><br><br>****IPTABLES****<br><br>   # your proxy IP<br>   SQUIDIP=192.168.0.188<br>   # your proxy listening port<br>   SQUIDPORT=3128<br>   iptables -t nat -A PREROUTING -s $SQUIDIP -p tcp --dport 80 -j ACCEPT<br>   iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port $SQUIDPORT<br><br>apache: 2.4.18<br>squid: 3.5.12<br>ubuntu: 16.04<br></div><div><br></div><div>Thank you for your help!<br></div><div dir="ltr"><div><br></div><div><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><b>Juan Carlos Carvajal</b></div><div dir="ltr"><b><br></b></div><div dir="ltr"><b>Join our <a href="http://lists.mediaarchitecture.org/?p=subscribe&id=1" target="_blank">mailing list</a> (Max 1-mail / month)</b><br><br></div></div></div></div></div></div></div></div>