Hi ,
The following u need to do for making squid as
transparent proxy:-
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT
--to-port 3128
iptables -A INPUT -j ACCEPT -m state --state NEW,ESTABLISHED,RELATED
-i eth1 -p tcp --dport 3128
iptables -A OUTPUT -j ACCEPT -m state --state NEW,ESTABLISHED,RELATED
-o eth0 -p tcp --dport 80
iptables -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED -i
eth0 -p tcp --sport 80
iptables -A OUTPUT -j ACCEPT -m state --state ESTABLISHED,RELATED -o
eth1 -p tcp --sport 80
iptables -t nat -A PREROUTING -i eth1 -s ! 192.168.1.100 -p tcp
--dport 80 -j DNAT --to 192.168.1.100:3128
iptables -t nat -A POSTROUTING -o eth1 -s 192.168.1.0/24 -d
192.168.1.100 -j SNAT --to 192.168.1.1
iptables -A FORWARD -s 192.168.1.0/24 -d 192.168.1.100 -i eth1 -o eth1
-m state --state NEW,ESTABLISHED,RELATED -p tcp --dport 3128 -j ACCEPT
iptables -A FORWARD -d 192.168.1.0/24 -s 192.168.1.100 -i eth1 -o eth1
-m state --state ESTABLISHED,RELATED -p tcp --sport 3128 -j ACCEPT
make the following changes in squid.conf:-
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
Thanks
Ashish Malik
Received on Wed Aug 17 2005 - 00:45:26 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:02 MDT