Re: transparent proxy bug?

From: Nickolay Pelov <nicksoft@dont-contact.us>
Date: Sat, 12 Mar 2005 09:43:28 +0100

Henrik Nordstrom wrote:
> On Sat, 12 Mar 2005, Nickolay Pelov wrote:
>
>> Since I started using squid I have problems with setting it as
>> transparent proxy. It's working now, but only for port 80
>> here is my configuration:
>>
>> httpd_accel_host virtual
>> httpd_accel_host CACHE
>
>
> You can only have one httpd_accel_host...
>
>> When I try to set:
>> httpd_accel_port 0
>> squid tries to access destination address at port 0?!?
>
>
> Are you sure? It should be trying to contact the destination address at
> the http_port port number..
>

yes, you are right:
1110612218.964 89437 192.168.2.8 TCP_MISS/000 0 GET
http://digidownload.libero.it:3128/kazaaita/mirror/klmcodec125.exe -
NONE/- -

is there a way to have 2 ports redirected. like:
iptables -t nat -A PREROUTING -i $INT_DEV -p tcp -m tcp --dport 80 -j
REDIRECT --to-ports 3128
iptables -t nat -A PREROUTING -i $INT_DEV -p tcp -m tcp --dport 8080 -j
REDIRECT --to-ports 3128

will it be right if I make squid listening on ports 80 and 8080 and then
redirect these ports:

iptables -t nat -A PREROUTING -i $INT_DEV -p tcp -m tcp --dport 80 -j
REDIRECT --to-ports 80
iptables -t nat -A PREROUTING -i $INT_DEV -p tcp -m tcp --dport 8080 -j
REDIRECT --to-ports 8080
# or skip --to-ports option

  and should I bind these ports to 127.0.0.1 (in otder not to conflict
with my web server) this way:

http_port 127.0.0.1:80
http_port 127.0.0.1:8080

10x for help
Received on Sat Mar 12 2005 - 00:43:02 MST

This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:04 MST