RE: [squid-users] Problem with Configuring squid with Cisco IOS 12.1(6) solved

Hello ,
The squid configuration is resolved. I thank all and one you guided me to
build the squid for the first time.
For the benefit of beginners the rules on the router are

route-map proxy-redirect permit 10
         match ip address 110
         set ip next-hop 203.24.133.2

        access-list 110 deny tcp any any neq www
        access-list 110 deny tcp host 203.24.133.2 any
        access-list 110 permit tcp any any

IPCHAINS ON THE LINUX BOX
ipchains -A input -p TCP -d 127.0.0.1/32 www -j ACCEPT
ipchains -A input -p TCP -d 192.168.1.1/32 www
ipchains -A input -p TCP -d any/0 www -j REDIRECT 3128 -j ACCEPT

Squid.conf file as below
http_port 3128
cache_mem 256 MB
cache_dir ufs /var/spool/squid 6500 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
http_access allow all
cache_mgr root
cache_effective_user squid
cache_effective_group squid
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

interface Ethernet0
         ip policy route-map proxy-redirect

Best Regards
Prashant

-----Original Message-----
From: Naeem [mailto:rhlinux71@yahoo.com]
Sent: Saturday, June 16, 2001 7:11 PM
To: squid users
Subject: Re: [squid-users] Problem with Configuring squid with Cisco IOS
12.1(6)

> and u should have ipchains rule 'ipchains -A input -p TCP -s 0/0 -d 0/0
> 80 -j 8080' for squid
> u can customize the source and destination IPs.
>

You should enter ipchain rule for redirection as follows :

ipchains -A input -p tcp -s 0/0 -d 0/0 80 -j REDIRECT 8080

The source address against '-s' could be the address/range of addresses with
subnet mask of clients accessing Squid.
Received on Mon Jun 18 2001 - 00:17:24 MDT