I am running a Red Hat 7.3 server, with iptables-1.2.5-3 and
squid-2.4.STABLE6-6.7.3 installed. The server sits behind a hardware
firewall, but I want to be able to use Squid both for cache and restricting
outgoing web browsing during certain hours of the day. The two NICs in the
server are eth0 (Internet side), 192.168.1.2, and eth1 (LAN side), 192.168.2.1.

I have the following lines in Squid:

acl Gooddest dst www.domain1.com www.domain2.com www.domain3.com www.domain4.com
acl Weekend time SA 08:30-18:00
http_access allow Gooddest Weekend
http_access allow all !Weekend
http_access deny all

I set up the following command to redirect traffic to Squid:

iptables -t nat -A PREROUTING -i eth1 -d ! 192.168.1.2 -p tcp --dport www -j REDIRECT --to-port 3128

Apparently, my logic is flawed with this setup. When I attempt to browse
to any of the sites listed in Gooddest, the cache.log file shows that
access to www.domain1.com was ALLOWED, but then I am instantly redirected
to the web pages on my own server.
Can someone advise me as to where I'm going wrong with this setup?
Thanks!
Larry
Received on Sun Jan 12 2003 - 19:13:00 MST
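
An added example, not part of the original post: a small Python model of how the three http_access lines quoted above are evaluated (first matching line wins, ACLs on one line are ANDed, `!` negates). It assumes `dst` can be modelled as a hostname match, whereas Squid compares resolved IP addresses; the function names, www.example.org and the sample times are constructed.

```python
from datetime import datetime, time

# Squid day letters for the "time" ACL type, mapped to datetime.weekday():
# S=Sunday M=Monday T=Tuesday W=Wednesday H=Thursday F=Friday A=Saturday
SQUID_DAYS = {"M": 0, "T": 1, "W": 2, "H": 3, "F": 4, "A": 5, "S": 6}

def parse_time_acl(spec):
    """Parse a spec such as 'SA 08:30-18:00' into (weekdays, start, end)."""
    days, window = spec.split()
    start, end = (time(*map(int, t.split(":"))) for t in window.split("-"))
    return {SQUID_DAYS[d] for d in days}, start, end

def make_acls(gooddest, weekend_spec):
    """Build one predicate per ACL name used in the post."""
    days, start, end = parse_time_acl(weekend_spec)

    def weekend(host, now):
        # Compare at minute resolution, as the HH:MM spec implies.
        minute = now.time().replace(second=0, microsecond=0)
        return now.weekday() in days and start <= minute <= end

    return {
        "Gooddest": lambda host, now: host in gooddest,  # simplification of dst
        "Weekend": weekend,
        "all": lambda host, now: True,
    }

# The three http_access lines from the post, in their original order.
RULES = [
    ("allow", ["Gooddest", "Weekend"]),
    ("allow", ["all", "!Weekend"]),
    ("deny", ["all"]),
]

def decide(host, now, acls, rules=RULES):
    """Return the action of the first line whose ACLs all match."""
    for action, names in rules:
        if all(acls[n.lstrip("!")](host, now) != n.startswith("!") for n in names):
            return action
    return "deny"  # not reached with these rules: "all" always matches

ACLS = make_acls(
    {"www.domain1.com", "www.domain2.com", "www.domain3.com", "www.domain4.com"},
    "SA 08:30-18:00",
)
```

Under this model a Gooddest host inside the Weekend window is allowed by the first line, which agrees with the ALLOWED entry the post reports in cache.log.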