Re: [squid-users] Squid Gateway

27-Mar-02 at 12:15, Jeff Zimmerman (jeff@stjohnks.net) wrote :
> > http_access allow manager localhost
> > # note this is a protocol + userlist so you will only allow localnet to
> > # use the manager acl if like your config above
> > http_access deny manager # to stop localhost doing anything but "manager"
> > http_access deny !Safe_ports
> > http_access deny CONNECT !SSL_ports
> > http_access allow localnet
> > http_access deny all
>
> No go. Perhaps I need to explain what I am attempting to put together. If I set up a
> browser to use the server either on port 3128 or 80 it will work fine. But, there is no
> way we could get our customers to change their browser settings. I am tyring to make the
> cache server work as a gateway. This way I can change the RAS machine's gateway address
> over to the squid server and then let it go from there.
>
> This is my first time working with squid, since it is so highly recommended. Been working
> with it four about a month and i'm sure there is just some small glitch I messed up
> somewhere. I have both a SquidNT box set-up and a SquidRedHat box set-up. Both do the
> same thing.
>
> All-in-all. Your changes, both of them, work great! via the browser proxy changes, but
> not via the gateway changes.

Follow all the instructions as to setting up Squid as a transparent proxy,
it should then work. Even if you get packets to port 80 on the Squid box,
Squid will not touch them unless it's in transparent mode.

(just ignore the parts about setting up a router / redirector, since Squid
will be the gateway and "see" all packets anyway)

-- 
[Simon White. vim/mutt. simon@mtds.com. GIMPS:57.27% see www.mersenne.org]
Hofstadter's Law states that projects take longer than expected, even when
Hofstadter's Law is taken into account.
[Arbitrary quotes signature rotation, a simple bash script by Simon White]