RE: [squid-users] transparent proxy from Kamesh Patel on 2002-08-20 (squid-users)

From: Kamesh Patel <kamesh.patel@dont-contact.us>
Date: Tue, 20 Aug 2002 15:22:53 +0100

>Did you try any of my suggestions and what was the outcome?
>
>Is your proxy is running properly if you use it as a NON-transparant proxy?
>

My proxy port is 10000

anything to port 10000 works fine i see this by watching the access.log file

When i watch the log accepting data without proxy settings in my browser as
in logging all comms through the following rule::

-A input -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -i eth0 -l -j ACCEPT

You may notice i am using ipchains instead of iptables... from what i have
read in the linux HOWTO on redirecting for Transparent Proxying ipchains can
be used.

i get:

Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39310 L=60 S=0x00 I=48
481 F=0x0000 T=244 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39312 L=60 S=0x00 I=10
773 F=0x4000 T=244 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39306 L=52 S=0x00 I=10
774 F=0x4000 T=245 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39306 L=234 S=0x00 I=1
0775 F=0x4000 T=245 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
192.168.2.151:1591 192.168.2.4:10000 L=422 S=0x00 I=2
2246 F=0x4000 T=128 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39308 L=233 S=0x00 I=7
368 F=0x4000 T=245 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
192.168.2.151:1592 192.168.2.4:10000 L=443 S=0x00 I=2
2248 F=0x4000 T=128 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39310 L=52 S=0x00 I=48
482 F=0x0000 T=245 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39310 L=233 S=0x00 I=4
8483 F=0x0000 T=245 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
192.168.2.151:1593 192.168.2.4:10000 L=424 S=0x00 I=2
2250 F=0x4000 T=128 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39308 L=233 S=0x00 I=7
369 F=0x4000 T=245 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
192.168.2.151:1592 192.168.2.4:10000 L=427 S=0x00 I=2
2252 F=0x4000 T=128 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39310 L=233 S=0x00 I=4
8484 F=0x0000 T=245 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
192.168.2.151:1593 192.168.2.4:10000 L=426 S=0x00 I=2
2254 F=0x4000 T=128 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39308 L=233 S=0x00 I=7
370 F=0x4000 T=245 (#8)
Aug 20 15:14:07 dent kernel: Packet log: input ACCEPT eth0 PROTO=6
194.217.237.105:80 192.168.2.4:39310 L=233 S=0x00 I=4
8485 F=0x0000 T=245 (#8)

the redirect rule that i am using is:

-A input -s 192.168.2.0/255.255.255.0 80:80 -d 0.0.0.0/0.0.0.0 -p tcp -l -j
REDIRECT 10000

and nothing is appearing when i try to use this!

I have checked that my install of squid was configured with
the --enable-linux-netfilter

and that the folliwing are set in the squid.conf

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

does this help in any way?

TIA

Kamesh
Received on Tue Aug 20 2002 - 08:22:58 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:09:45 MST