[squid-users] Is it possible to configure a transparent caching proxy without iptables?
Karl-Philipp Richter
richter at richtercloud.de
Tue Jan 6 19:39:15 UTC 2015
Hi together,
I'm having trouble figuring a way to configure a `squid` 3.4.10 instance
running in a Debian 7 chroot as a transparent caching proxy because I
only find configuration examples involving `iptables` which on the one
hand is very useful because it allows setups which work independently of
environment variables and program settings on the other hand requires
access to kernel module loading and unloading. It might be the case that
the latter is considered an acceptable tradeoff for the advantages of
the former.
That leads me to the question whether it is at all possible to configure
a `squid` instance to store data of requests from within a local network
to the outside (of the local network) in order to avoid to fetch them
again and again from the outside (a caching proxy AFAIK, but I'm
clearifying in order to avoid confusion). Of course this would require
the setup of an environment variable, like `http_proxy` on Linux, or
even individual program settings with all the disadvantages of extended
maintenance necessity.
What would be the case it I had access to `iptables` on the client and
not on the machine where `squid` is running. After setting `http_port
3128 transparent` in `squid.conf` I'm getting access denial errors due
to forwarding loops
2015/01/06 20:35:34 kid1| WARNING: Forwarding loop detected for:
GET / HTTP/1.1
Accept-Encoding: identity
Host: google.com
User-Agent: Python-urllib/3.4
Via: 1.1 diskstation (squid/3.4.10)
X-Forwarded-For: 192.168.178.22
Cache-Control: max-age=259200
Connection: keep-alive
but that's just an example to avoid questions like "What have you tried
so far". I'm more looking for an abstract, general answer.
Best regards,
Kalle
More information about the squid-users
mailing list