Hello David,
Try this
/sbin/ipchains -N good-bad
/sbin/ipchains -A forward -j good-bad
/sbin/ipchains -A good-bad -p tcp --dport 443 -j MASQ
-Jack
----- Original Message -----
From: David Yahoo
To: Jack
Sent: Thursday, December 13, 2001 12:20 PM
Subject: Re: [squid-users] Help: transparent Proxy + https problems
Jack,
I used this set of ipchains for my squid box the next rules i wasnt able
to set
./ipchains -A input -s 192.168.0.0/24 -d 0/0 http -p TCP -
j REDIRECT 3128
Then i entered this line
ipchains -A good-bad -p tcp --dport 443 -j MASQ
ipchains: No target by that name (Maybe this kernel doesn't support
masquerading
I tried running squid but I think it still not working.
David
----- Original Message -----
From: Jack
To: David Yahoo
Sent: Tuesday, December 04, 2001 11:49 AM
Subject: Re: [squid-users] Help: transparent Proxy + https problems
Hello David,
You have to enable it in the kernel.
It will be under Network Options.
----- Original Message -----
From: David Yahoo
To: Jack
Sent: Monday, December 03, 2001 11:42 AM
Subject: Re: [squid-users] Help: transparent Proxy + https problems
Jack,
how can I enable ip_gre in my unix box ?
David
----- Original Message -----
From: Jack
To: David Yahoo
Sent: Monday, November 26, 2001 12:35 PM
Subject: Re: [squid-users] Help: transparent Proxy + https problems
pre-requests
1) ip_gre should be enabled in your kernel, if not enable ip_gre and
recompile your kernel.
2) WCCP was supported by squid 2.3 and later version only(better to
use squid-2.4.STABLE1)
3) squid supports only WWCPv1 only.
Configuration
1)In squid 2.4 and later, by default wccp is enabled.if it is 2.3
then you have to configure squid with --enable-wccp
2)In squid.conf edit wccp_router 0.0.0.0 as wccp_router your router
ip
and wccp_version with appropriate version.
IN router use the following command
ip wccp version 1
ip wccp web-cache
!
interface Ethernet0/0
ip wccp web-cache redirect out
-Jack
----- Original Message -----
From: David Yahoo
To: Jack
Sent: Monday, November 26, 2001 9:35 AM
Subject: Re: [squid-users] Help: transparent Proxy + https
problems
Hello!
Anybody can send me some squid.conf file than it is configured to
work with wccp feature?Do we have to configure anything with our router?
I am trying to install squid to our system (Linux Slackware
Version 7.1).First i want to run it with the minimum requirements just to
meet my deadline..I have already finihed installing the thing.I need help in
editing the parameters in squid.conf. Here is my servers specs.
sever hostname: longlive
ip address : 172.16.1.23 255.255.255.0
our internal Lan ip address range 172.16.1.0
My boss wants the wccp features of squid.Hope anyone out there can
help me especially with the acl.http_access,icp access which i dont
understand.
David
----- Original Message -----
From: Jack
To: Andi Salimun ; squid-users@squid-cache.org
Sent: Monday, November 26, 2001 11:46 AM
Subject: Re: [squid-users] Help: transparent Proxy + https
problems
Add one more ipchains rule for https
/sbin/ipchains -A good-bad -p tcp --dport 443 -j MASQ
-Jack
----- Original Message -----
From: Andi Salimun
To: squid-users@squid-cache.org
Sent: Saturday, November 24, 2001 7:34 AM
Subject: [squid-users] Help: transparent Proxy + https
problems
Hello, I have configured linux slackware box (kernel 2.2) +
satellite connection + squid. Everything works fine except https site.
I have also dig the doc, mailing list etc. And try it even
with normal dial up connection. Still no luck *sigh*.
Here is the squid.conf
http_port 3128
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
cache_mem 128 MB
cache_dir ufs /usr/local/squid/cache 15000 16 256
dns_nameservers 127.0.0.1
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl all src 0.0.0.0/0.0.0.0
acl student src 192.168.0.0/255.255.255.0
acl admin src 192.168.1.0/255.255.255.0
#acl hotmail dstdomain .passport.com
#always_direct allow hotmail
#never_direct allow hotmail
http_access deny manager all
http_access allow localhost
http_access allow student
http_access allow admin
http_access deny all
#icp_access allow student
#icp_access allow admin
#icp_access deny all
cache_mgr andi_salimun@yahoo.com
#cache_access_log /dev/null
#cache_store_log none
#cache_log /dev/null
Here is my only ipchains rules.
/sbin/ipchains -A input -s 192.168.0.0/24 -d 0/0 http -p
TCP -j REDIRECT 3128
Regards,
Andi
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
Received on Thu Dec 13 2001 - 21:05:08 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:05:21 MST