[SQU] Transparent Proxying Doesn't Work!!!

From: <dhbae@dont-contact.us>
Date: Mon, 28 Aug 2000 16:45:39 +0900

Hi.
I am using kernel 2.2.12-20 and squid-2.3.STABLE3

I configured and compiled kernel with the following options set as follows

 IP Firewalling
 IP Transparent Proxy Support.

In squid.conf I have the following options

 http_port 8080
 httpd_accel_host virtual
 httpd_accel_port 80
 httpd_accel_with_proxy on
 httpd_accel_uses_host_header on

Iam using Ipchains package for Ip firewall administration.
I have the following lines in rc.local startup script
(200.0.0.0/24-example of my private network, 200.0.0.1-example of my gateway)

 /sbin/depmod -a
 /sbin/modprobe ip_masq_ftp

 /sbin/ipchains -P forward DENY

 /sbin/ipchains -A forward -s 200.0.0.0/24 -p tcp -d 0.0.0.0/0 www -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p tcp -d 0.0.0.0/0 ftp -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p udp -d 0.0.0.0/0 fsp -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p tcp -d 0.0.0.0/0 ftp-data -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p tcp -d 0.0.0.0/0 telnet -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p tcp -d 0.0.0.0/0 smtp -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p tcp -d 0.0.0.0/0 pop3 -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p tcp -d 0.0.0.0/0 nntp -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p tcp -d 0.0.0.0/0 domain -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p udp -d 0.0.0.0/0 domain -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p tcp -d 0.0.0.0/0 icp -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p udp -d 0.0.0.0/0 icp -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p tcp -d 0.0.0.0/0 webcache -j MASQ
 /sbin/ipchains -A forward -s 200.0.0.0/24 -p udp -d 0.0.0.0/0 webcache -j MASQ

 /sbin/ipchains -A forward -s 200.0.0.0/24 -p icmp -d 0.0.0.0/0 -j MASQ

 /sbin/ipchains -A input -s ! 200.0.0.0/24 -p tcp --dport 1:1023 -i eth0 -d 0.0.0.0/0 -y -j DENY
 /sbin/ipchains -A input -s ! 200.0.0.0/24 -p tcp --dport 6000:6010 -i eth0 -d 0.0.0.0/0 -y -j DENY

 /sbin/ipchains -A input -s 200.0.0.0/24 -p tcp -d 200.0.0.1 80 -j REDIRECT 8080

I am running squid on port 8080 in machine 200.0.0.1

After doing all this, i selected the option proxy connection(200.0.0.1:8080) in client browser.
That's succeeded!

But, Direct connection to the internet instead of proxy, That's not work!!!
(Connection is succeeded. But redirection is fail. That's connection is still port 80.
also when I request for Bad URL, I am not able contact squid machine.)

I dont know what is the problem. can any one help me.

Thanks in advance.

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html
Received on Mon Aug 28 2000 - 01:46:27 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:06 MST