As suggested, a simple case of RTFM - I should know better by now! I'd had squid itself working for some time and hence dived straight past this bit of the HOWTO and into Ipchains without modifying my squid.conf.. Thanks to those who responded.
Toby.
It is a joy to work with an operating system and products where a support call means a solution and not a feeble conversation with Gavin from marketing at your expense..
-----Original Message-----
From: Ounsted, Toby [mailto:ounstedt@PSGInt.com]
Sent: 20 April 2000 14:56
To: 'redhat-list@redhat.com'; 'Squid Mailing List' (E-mail)
Subject: Weird IPCHAINS and SQUID problem
This one's starting to give me a headache.. - using ipchains for transparent proxying, the address section gets ripped out of URLs..
I'm trying to get Squid to be a transparent proxy by setting my linux box as the default gateway and forwarding from port 80 to port 3128 as per the Transparent Proxy howto. I've previously been using squid quite happily, going directly to port 3128 - it works a treat.
Set IPV4 forwarding and defragmentation, and set ipchains rules as follows (the server's called 'internet')..
[root@internet sysconfig]# ipchains -L
Chain input (policy ACCEPT):
target     prot opt     source      destination            ports
ACCEPT     tcp  ------  anywhere    internet               any -> www
ACCEPT     tcp  ------  anywhere    internet.psgint.com    any -> www
REDIRECT   tcp  ------  anywhere    anywhere               any -> www => 3128
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
If I turn off the proxy settings in the browser (i.e. try to go direct) the address of the site I'm trying to hit seems to get mashed. For example, I try and go to http://www.wideopen.com/story/757.html
Squid responds with:
ERROR
The requested URL could not be retrieved
While trying to retrieve the URL: /story/757.html
The following error was encountered:
Invalid URL
Etc.
So it's as though the first part of the URL got murdered.
The squid access log looks similar:
956237322.768 0 194.70.6.99 NONE/400 1075 GET /story/757.html - NONE/- -
Software: MSIE5 browser, RH6.1, Squid2.2Stable4 supplied with RH6.1. Stock kernel which already has Ipchains support built in.
Something's getting somewhere for squid to even be having a go - but the address isn't.
TCPDump is also interesting (pooter is the client) as something is chattering to 206.132.41.223.www (which is wideopen.com for the purposes of this test) - despite squid's announcement that it had all gone wrong:
[root@internet sysconfig]# !tcp
tcpdump 'port 80'
Kernel filter, protocol ALL, datagram packet socket
tcpdump: listening on all devices
14:48:45.778563 eth0 < pooter.psgint.com.2608 > 206.132.41.223.www: S 2900626:2900626(0) win 8192 <mss 1460> (DF)
14:48:45.778637 eth0 > 206.132.41.223.www > pooter.psgint.com.2608: S 2802009305:2802009305(0) ack 2900627 win 30660 <mss 1460> (DF)
14:48:45.778774 eth0 < pooter.psgint.com.2608 > 206.132.41.223.www: . 1:1(0) ack 1 win 8760 (DF)
14:48:45.779095 eth0 < pooter.psgint.com.2608 > 206.132.41.223.www: P 1:294(293) ack 1 win 8760 (DF)
14:48:45.779129 eth0 > 206.132.41.223.www > pooter.psgint.com.2608: . 1:1(0) ack 294 win 30660 (DF)
14:48:45.780024 eth0 > 206.132.41.223.www > pooter.psgint.com.2608: P 1:1076(1075) ack 294 win 32120 (DF)
14:48:45.780230 eth0 > 206.132.41.223.www > pooter.psgint.com.2608: F 1076:1076(0) ack 294 win 32120 (DF)
14:48:45.781174 eth0 < pooter.psgint.com.2608 > 206.132.41.223.www: F 294:294(0) ack 1076 win 7685 (DF)
14:48:45.781237 eth0 > 206.132.41.223.www > pooter.psgint.com.2608: . 1077:1077(0) ack 295 win 32119 (DF)
14:48:45.781230 eth0 < pooter.psgint.com.2608 > 206.132.41.223.www: . 295:295(0) ack 1077 win 7685 (DF)
So - suggestions welcome! It's got me..
Thanks,
Toby.
Received on Tue Apr 25 2000 - 03:18:36 MDT
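
Added example, not part of the original messages and not Squid's own code: a browser that is not configured for a proxy sends a path-only request line and carries the hostname only in the Host header, which is why the intercepted request above shows up as /story/757.html. The sketch rebuilds the absolute URL from both request forms and flags the matching signature in native-format access.log lines; the request bytes and the second log line are constructed samples, and the function names are hypothetical.

```python
# Added illustration. The request bytes and the second log line are constructed;
# the first log line is the entry quoted in the message.
PROXY_STYLE = (b"GET http://www.wideopen.com/story/757.html HTTP/1.0\r\n"
               b"Host: www.wideopen.com\r\n\r\n")
INTERCEPTED = (b"GET /story/757.html HTTP/1.0\r\n"
               b"Host: www.wideopen.com\r\n\r\n")
ACCESS_LOG = [
    "956237322.768 0 194.70.6.99 NONE/400 1075 GET /story/757.html - NONE/- -",
    "956237400.120 310 194.70.6.99 TCP_MISS/200 4512 GET "
    "http://www.wideopen.com/story/757.html - DIRECT/206.132.41.223 text/html",
]

def effective_url(raw_request: bytes) -> str:
    """Return the absolute URL a proxy has to fetch for this request."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    request_line, *header_lines = head.split("\r\n")
    _method, target, _version = request_line.split(" ", 2)
    if target.lower().startswith(("http://", "https://")):
        return target                      # absolute-form: client knows it uses a proxy
    if not target.startswith("/"):
        raise ValueError(f"unsupported request target: {target!r}")
    # origin-form: the redirected client thinks it is talking to the web server,
    # so the hostname is only present in the Host header.
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    if not headers.get("host"):
        raise ValueError("path-only request without a Host header")
    return "http://" + headers["host"] + target

def path_only_failures(log_lines):
    """Return (client, url) for native-format entries rejected with a path-only URL."""
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) < 7:
            continue                       # not a native access.log entry
        client, result, url = fields[2], fields[3], fields[6]
        if result.endswith("/400") and url.startswith("/"):
            hits.append((client, url))
    return hits

if __name__ == "__main__":
    for name, req in (("proxy-style", PROXY_STYLE), ("intercepted", INTERCEPTED)):
        print(name, "->", effective_url(req))
    print(path_only_failures(ACCESS_LOG))
```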