This looks good to me, but since my box is the firewall and runs apache
vservers on both nics, do i need a line that says something like
dest = $EXT_IF, port = 80 redirect to $EXT_IF port 80
dest = $INT_IF, port = 80 redirect to $INT_IF port 80
??
Also, the FAQ shows --enable-ipf-transparent must be used as a compile
option, how can i determine if that was used for my box? I am running
debian and installed squid via apt-get and I'm not certian which options
were used when squid was compiled.
Since im only interested in doing the transparent caching for the
internal network, can i simply specify the nic to forward on with
iptables?
Finally, the FAQ doesn't mention it, but will i need to modify my apache
configuration at all?
TIA,
Ben
On Tue, Nov 12, 2002 at 04:28:24PM +0100, Henrik Nordstrom wrote:
> Do they work if you configure your browser to use Squid as a proxy?
>
> Regards
> Henrik
>
>
> tis 2002-11-12 klockan 14.47 skrev Pasi Holmstr?m:
> > I have RedHat with Kernel 2.4 and Squid 2.4.STABLE1 and I'm trying to make
> > transparent proxy.
> > That's what I've done.
> > iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 1.2.3.4
> > iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 \ -j DNAT --to-port
> > 8080
> > iptables -t nat -A PREROUTING -p tcp --dport 8080 -i eth0 \ -j DNAT --to-
> > port 8080
> >
> > Lines in squid.conf
> > http_port 8080
> > httpd_accel_host virtual
> > httpd_accel_port 80
> > httpd_accel_with_proxy on
> > httpd_accel_uses_host_header on
> >
> >
> > Most of the addresses seem to work fine but for example:
> > http://www.foo.com/cgi-bin/psearch? does not. Also <form name="queryForm"
> > method="POST"
> > action="/jpQuery2/jpQuery.do;jsessionid=E4322F8C3469DB121E07CE8A09A7E5BA.jp1
> > "> does not work.
> > But http://www.google.com/search?q=ip&ie=UTF-8&oe=UTF-8&hl=fi&lr= does
> > work. What is going on???
>
>
Received on Tue Nov 12 2002 - 08:58:17 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:18 MST