[squid-users] Transparent Squid Proxy Server
Reet Vyas
reet.vyas28 at gmail.com
Tue Jun 2 12:31:15 UTC 2015
I am trying to configure a transparent Squid proxy on Ubuntu 14.04 Server, and
I am using Squid version 3.3.
My LAN and WAN settings:
eth0  Link encap:Ethernet HWaddr 00:1e:67:cf:59:74
      inet addr:116.72.*.* Bcast:116.72.155.255 Mask:255.255.252.0
      inet6 addr: fe80::21e:67ff:fecf:5974/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:238950 errors:0 dropped:0 overruns:0 frame:0
      TX packets:236104 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:22219047 (22.2 MB) TX bytes:17390502 (17.3 MB)
      Interrupt:16 Memory:d0a00000-d0a20000

eth1  Link encap:Ethernet HWaddr 00:1e:67:cf:59:75
      inet addr:192.168.0.200 Bcast:192.168.0.255 Mask:255.255.255.0
      inet6 addr: fe80::21e:67ff:fecf:5975/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:96965 errors:0 dropped:0 overruns:0 frame:0
      TX packets:11785 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:10764615 (10.7 MB) TX bytes:7151763 (7.1 MB)
      Interrupt:17 Memory:d0900000-d0920000
My squid.conf file:
acl mynet src 116.72.152.37 192.168.0.0/16 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow mynet
http_access allow localhost
http_access allow all
http_port 3128
cache_dir ufs /usr/local/cache 10000 16 256
coredump_dir /var/spool/squid3
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern (Release|Packages(.gz)*)$ 0 20% 2880
refresh_pattern -i \.(gif|png|jpg|jpeg|ico)$ 3600 90% 43200
refresh_pattern . 0 20% 4320
But when I use 192.168.0.200 on my client machine as the gateway ... the internet
is not working and I can't see logs in access.log.
But when I use this IP in my browser it is working and showing logs, but
with my TP-Link router gateway, i.e. 192.168.0.1.
IPTable rules:
num target prot opt source destination
1 DNAT tcp -- anywhere anywhere tcp dpt:http to:192.168.0.200:3128
2 REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128
Chain INPUT (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
Please tell me what I am missing in the iptables and squid3 configuration. I
tried both the transparent and the intercept options, but I think I have an issue
with iptables, or maybe a configuration issue.