Re: ipfwadm port redirection & squid

From: Dancer <dancer@dont-contact.us>
Date: Mon, 24 Nov 1997 23:44:32 +1000

Get transproxy, compile and install it according to the directions.

It's the thing that changes the non-proxied URLs into proxyable URLs. You need to
redirect to _that_ which will rewrite the request line and then feed the connection
to the proxy.

D

anindya wrote:

> Hi there folks,
>
> I'm not sure if this is a problem with my Linux kernel
> version's (2.0.32) support of transparent proxying, or squid
> itself, but here goes...
>
> I'm running squid 1.1.17, and what I would like to do is
> transparently redirect port 80 requests to port 3128 for any http
> request on my local LAN. I don't want to have to force my users
> to set their browsers up to use the proxy, but want them to use
> the cache transaprently. So, per the Net-3 and firewall
> HOWTOs, I do this:
>
> ipfwadm -I -a accept -y -o -P tcp -S my.lan.is.here/mask -D 0.0.0.0 80 -r 3128
>
> Now, I see the packets getting redirected to 3128 (via the
> firewall packet logging, but somehow
> it munges the URL in the process. So if I make a request from
> a machine on the local LAN for, say,
> http://squid.nlanr.net/Squid/Devel/ , the URL gets truncated to
> just /Squid/Devel/, which squid then complains about:
>
> 880351331.249 6 xxx.xx.xxx.xx ERR_INVALID_URL/400 567 GET /Squid/Devel/ - N
> ONE/- -
>
> My question is, has anyone tried to do what I'm trying to do? And
> have they ever seen the URL get truncated in this manner?
> Any help or suggestions would be greatly appreciated, and
> I apologize if this appears to be off topic.
>
> Thanks,
> --ANindya

--
Note to evil sorcerers and mad scientists: don't ever, ever summon powerful
demons or rip holes in the fabric of space and time. It's never a good idea.
ICQ UIN: 3225440
Received on Mon Nov 24 1997 - 05:57:40 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:37:43 MST