[squid-users] Transperancy With Squid and ipchains

Hi

I am trying to find a solution to make squid work transperantly in my setup.

I am using ALPHA and Squid2.3Stable4 with IP chains with one ethernet port and route-map to divert traffic from router. Packets are moving to the squid cache but the are seen in a different format.. pls.. have a look at the same and let me have ur valuable suggestions....

I followed FAQ 17 and done following things.

Installed IP chains using

#!/bin/sh
# rc.firewall Linux kernel firewalling rules
# Leon Brooks (leon at brooks dot fdns dot net)
FW=/sbin/ipchains
ADD="$FW -A"

# Flush rules, for testing purposes
for i in I O F # A # If we enabled accounting too
   do
     ${FW} -F $i
   done

# Default policies:
${FW} -P input REJECT # Incoming policy: reject (quick error)
${FW} -P output ACCEPT # Output policy: accept
${FW} -P forward DENY # Forwarding policy: deny

# Input Rules:

# Loopback-interface (local access, eg, to local nameserver):
${ADD} input -j ACCEPT -s localhost/32 -d localhost/32

# Local Ethernet-interface:

# Redirect to Squid proxy server:
${ADD} input -p tcp -d 0/0 80 -j REDIRECT 3128

# Accept packets from local network:
${ADD} input -j ACCEPT -s 202.xyx.xy.0/22 -d 0/0 -i eth0

# Only required for other types of traffic (FTP, Telnet):

# Forward localnet with masquerading (udp and tcp, no icmp!):
${ADD} forward -j MASQ -p tcp -s xyz.xyz.xy.0/22 -d 0/0
${ADD} forward -j MASQ -P udp -s xyz.xyz.xy.0/22 -d 0/0

 
And access.log looked like this....

-1770085401.880 19 202.153.32.250 NONE/400 1088 GET /omni - NONE/- -
-1770085400.250 54 202.153.32.175 NONE/400 1122 GET /pgdownload/update.txt - NONE/- -
-1770085400.785 16 202.153.32.163 NONE/400 1098 GET /feed/pg4/ - NONE/- -
-1770085400.841 45 202.153.32.164 NONE/400 1132 GET /menu.off.off.separator.gif - NONE/- -
-1770085400.851 8 202.153.32.163 NONE/400 1176 GET /us.yimg.com/a/ya/yahoo_anchor/bizmsgr_survey.gif - NONE/- -
-1770085399.087 67 202.153.32.164 NONE/400 1110 GET /menu.off.bg.gif - NONE/- -
-1770085399.320 66 202.153.32.164 NONE/400 1112 GET /menu.off.end.gif - NONE/- -
-1770085399.414 54 202.153.32.163 NONE/400 1126 GET /imip/imip_services.html - NONE/- -
-1770085399.469 42 202.153.32.163 NONE/400 1182 GET /us.yimg.com/i/mesg/insider/messenger_headlines2.jpg - NONE/- -
-1770085399.523 32 202.153.32.163 NONE/400 1132 GET /us.yimg.com/i/yi/line1.gif - NONE/- -
-1770085399.554 19 202.153.32.164 NONE/400 1100 GET /spacer.gif - NONE/- -
-1770085399.576 21 202.153.32.163 NONE/400 1140 GET /us.yimg.com/i/yi/masthead3.gif - NONE/- -
-1770085399.798 102 202.153.32.175 NONE/400 1116 POST /cgi-bin/folder.cgi - NONE/- -
-1770085399.902 12 202.153.32.164 NONE/400 1094 GET /f.s.gif - NONE/- -
-1770085399.991 54 202.153.32.163 NONE/400 1120 GET /sms/smscarriers.html - NONE/- -
-1770085398.172 66 202.153.32.164 NONE/400 1110 GET /menu.end.bg.gif - NONE/- -
-1770085398.400 60 202.153.32.164 NONE/400 1106 GET /hmhome.tl.gif - NONE/- -
-1770085398.628 60 202.153.32.164 NONE/400 1104 GET /hmhome.m.gif - NONE/- -
-1770085398.838 65 202.153.32.164 NONE/400 1116 GET /icon_checkmark.gif - NONE/- -
-1770085397.091 90 202.153.32.164 NONE/400 1363 GET /l/redirlog/hmhinbox?url=http%3a%2f%2flw7fd%2elaw7%2ehotmail%2emsn%2ecom/cgi-bin/HoTMaiL?curmbox=F000000001&a=849003c03f5163ee2b185880fda1c697 - NONE/- -
-1770085396.188 60 202.153.32.164 NONE/400 1080 GET / - NONE/- -
-1770085395.032 43 202.153.32.163 NONE/400 1170 GET /us.yimg.com/i/mesg/insider/suitcase_large.gif - NONE/- -
-1770085395.098 42 202.153.32.163 NONE/400 1162 GET /us.yimg.com/i/mesg/insider/astrology1.gif - NONE/- -
-1770085395.568 12 202.153.32.250 NONE/400 1088 GET /omni - NONE/- -
-1770085395.584 16 202.153.32.163 NONE/400 1156 GET /us.yimg.com/i/mesg/insider/careers.gif - NONE/- -
-1770085395.752 12 202.153.32.250 NONE/400 1088 GET /omni - NONE/- -
-1770085394.334 72 202.153.32.163 NONE/400 1162 GET /messenger/client/??http://mail.yahoo.com/ - NONE/- -
-1770085393.431 42 202.153.32.168 NONE/400 1102 GET /04n/020.jpg - NONE/- -
-1770085391.456 31 202.153.32.164 NONE/400 1299 GET /cgi-bin/login.cgi?formname=general&login=sryerram&session_id=$1$D$.qum.NTTruaLbXTaNdxmS.&function_name=logout - NONE/- -
-1770085389.704 90 202.153.32.175 NONE/400 1329 GET /search?q=cache:Fs2E4cefleAC:www.herts.ac.uk/ltdu/journal/technelogos.pdf+tips+for+selecting+logos+for+hospital+purpose&hl=en - NONE/- -
-1770085388.059 37 202.153.32.163 NONE/400 1317 GET /svcs/mms/admain_img.asp?Version=4.5&Plcid=0409&CLCID=0409&BrandID=MSMSGS&country=IN&zip=&age=29&gender=F&random=320530 - NONE/- -
-1770085388.764 12 202.153.32.250 NONE/400 1088 GET /omni - NONE/- -
-1770085386.856 175 202.153.32.163 NONE/400 1321 GET /cgi-bin/getmsg?curmbox=F000000005&a=377def3321cebe9e83d4af6bcc2a0b01&msg=MSG1010068725.33&start=68
Received on Thu Jan 03 2002 - 22:13:34 MST