[squid-users] Squid on separate box and it can't see packets
John Pearson
johnpearson555 at gmail.com
Tue Feb 14 06:24:52 UTC 2017
Hi all,
I have squid on a separate box on my network with ip address 192.168.1.2
In squid.conf I have:
http_port 0.0.0.0:3128
http_port 0.0.0.0:3129 intercept
-------
On squid box:
$ sudo netstat -lnp | grep squid
tcp 0 0 0.0.0.0:3128 0.0.0.0:* LISTEN
2639/(squid-1)
tcp 0 0 0.0.0.0:3129 0.0.0.0:* LISTEN
2639/(squid-1)
udp 0 0 0.0.0.0:37444 0.0.0.0:*
2639/(squid-1)
udp6 0 0 :::41465 :::*
2639/(squid-1)
-------
I followed this example:
http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect
iptables:
# your proxy IP
SQUIDIP=192.168.1.2
# your proxy listening port
SQUIDPORT=3129
iptables -t nat -A PREROUTING -s $SQUIDIP -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port
$SQUIDPORT
iptables -t nat -A POSTROUTING -j MASQUERADE
iptables -t mangle -A PREROUTING -p tcp --dport $SQUIDPORT -j DROP
------
I am redirecting port 80 packets on my router to squid box
On one of the clients: 192.168.1.8, I am running
wget -v --bind-address=192.168.1.8 http://squid-cache.org:80
On squid box, I am running tcpdump and I am able to see those packets:
22:09:58.962316 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags
[S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932460
ecr 0,nop,wscale 7], length 0
22:09:59.958994 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags
[S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932560
ecr 0,nop,wscale 7], length 0
22:10:01.958981 IP 192.168.1.8.52219 > lists.squid-cache.org.http: Flags
[S], seq 1999822717, win 29200, options [mss 1460,sackOK,TS val 26932760
ecr 0,nop,wscale 7], length 0
But squid is not seeing them. Squid log is empty.
Need advice. Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170213/7a0884db/attachment.html>
More information about the squid-users
mailing list