[squid-users] Re: Securing squid3

From: babajaga <augustus_meyer_at_yahoo.de>
Date: Thu, 14 Feb 2013 13:31:21 -0800 (PST)

So, at least you will need something like
iptables -t nat -A PREROUTING -i eth3 -p tcp --dport 80 -j DNAT --to
192.168.0.24:80
on the squid-box (default gateway).

But then the question arises: Does HAVP support transparent proxying, like
squid does ?

If it does, then
iptables -t nat -A PREROUTING -i ethx -p tcp --dport 80 -j REDIRECT
--to-port 3127
should do the trick.

(I do NOT think, that
iptables -t nat -A PREROUTING -i eth3 -p tcp --dport 80 -j DNAT --to
192.168.0.24:3127
will work. Because that would not be a "standard" transparent proxy setup.)

--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Securing-squid3-tp4658495p4658504.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Thu Feb 14 2013 - 21:31:22 MST

This archive was generated by hypermail 2.2.0 : Fri Feb 15 2013 - 12:00:04 MST