Re: [squid-users] Transparent Proxy on the Gateway Box from Mohsin Khan on 2002-07-22 (squid-users)

From: Mohsin Khan <aaghaz00@dont-contact.us>
Date: Mon, 22 Jul 2002 10:37:43 -0700 (PDT)

A-o-a

You are using squid as transparent caching. and you
need to modify your iptable rules.
--- Wilson Mak <wilson.mak@digitalview.com> wrote:
> Hi Brain,
>
> Yes, I did.
> cat /proc/sys/net/ipv4/ip_forward -> 1
>
> Wilson
>
> ----- Original Message -----
> From: "Brian Leung" <brianlk@pacific.net.hk>
> To: "Wilson Mak" <wilson.mak@digitalview.com>
> Cc: <squid-users@squid-cache.org>
> Sent: Monday, July 22, 2002 2:29 PM
> Subject: Re: [squid-users] Transparent Proxy on the
> Gateway Box
>
>
> > hi,
> > did u enable ip forwarding on the proxy?
> >
> > Regards,
> > Brian Leung
> > System Engineer
> > Pacific Supernet
> >
> > On Mon, 22 Jul 2002, Wilson Mak wrote:
> >
> > > Dear all,
> > >
> > > I have set up a transparent proxy server on the
> gateway machine -
> 10.1.0.1
> > > (default gateway to all the internal users), the
> config is as follows:
> > >
> > > OS: RedHat 6.2
> > > Cache Server: Squid/2.4.STABLE6
> > > Port redirection: ipchains -A input TCP -s
> 10.1.0.0/24 -d 0/0 80 -j
> REDIRECT
> > > 3128
> > > Using Internal DNS server
> > >
> > > Squid.conf (Access Control):
> > > acl localhost src 127.0.0.1/255.255.255.255
> > > acl localnetwork src 10.1.0.0/255.255.255.0
> > > .....
> > >
> > > http_access allow localhost
> > > http_access allow localnetwork
> > > http_access deny all
> > >
> > > All the internal usres can access the Internal
> and internal web servers
> > > except the one on the gateway machine. When
> accessing the web server on
> the
> > > gateway machine (http://10.1.0.1), it always
> gives an error "The
> requested
> > > URL
> > > could not be retrieved. The following error was
> encountered: Access
> Denied.
> > > Acess control configuration prevents you request
> from being allowed at
> this
> > > time"
> > > (P.S The internal DNS can resolve this IP)
> > >
> > > Can someone help?
> > >
> > > Thanks in advance,
> > >
> > > Wilson
> > >
> > >
> >
> >
> >
>

=====
Regards,
Mohsin Khan
CCNA ( Cisco Certified Network Associate 2.0 )

>>>Happy is the who can smile<<<

__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com
Received on Mon Jul 22 2002 - 11:37:45 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:19 MST