Add one more ipchains rule for https
/sbin/ipchains -A good-bad -p tcp --dport 443 -j MASQ
-Jack
----- Original Message -----
From: Andi Salimun
To: squid-users@squid-cache.org
Sent: Saturday, November 24, 2001 7:34 AM
Subject: [squid-users] Help: transparent Proxy + https problems
Hello, I have configured linux slackware box (kernel 2.2) + satellite connection + squid. Everything works fine except https site.
I have also dig the doc, mailing list etc. And try it even with normal dial up connection. Still no luck *sigh*.
Here is the squid.conf
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
cache_mem 128 MB
cache_dir ufs /usr/local/squid/cache 15000 16 256
dns_nameservers 127.0.0.1
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl all src 0.0.0.0/0.0.0.0
acl student src 192.168.0.0/255.255.255.0
acl admin src 192.168.1.0/255.255.255.0
#acl hotmail dstdomain .passport.com
#always_direct allow hotmail
#never_direct allow hotmail
http_access deny manager all
http_access allow localhost
http_access allow student
http_access allow admin
http_access deny all
#icp_access allow student
#icp_access allow admin
#icp_access deny all
cache_mgr andi_salimun@yahoo.com
#cache_access_log /dev/null
#cache_store_log none
#cache_log /dev/null
Here is my only ipchains rules.
/sbin/ipchains -A input -s 192.168.0.0/24 -d 0/0 http -p TCP -j REDIRECT 3128
Regards,
Andi
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
Received on Sun Nov 25 2001 - 20:42:51 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:04:30 MST