Re: [squid-users] URL could not be retrieved error... from Ehsan Lesani on 2003-08-05 (squid-users)

From: Ehsan Lesani <ehsan@dont-contact.us>
Date: Tue, 5 Aug 2003 19:04:05 +0430

Dear frined.
A t first you ought to enbale forwarding on your squid box.
Then you should use this command to set its transparency :

iptables -t nat -A PREROUTING -p tcp -i <interface name> --dport 80 -j
REDIRECT --to-port 3128

Then it should be work

On of your problems is that you want to DNAT these packets but you did not
use from nat table so it should not work you know.

Ehsan Lesani

----- Original Message -----
From: "Luciano Bernardes de Paula" <ruivo2099@yahoo.com>
To: "squid" <squid-users@squid-cache.org>
Sent: Tuesday, August 05, 2003 4:11 PM
Subject: [squid-users] URL could not be retrieved error...

> Hi!
>
> I'm having the following problem with squid.I have a
> machine running squid (squid box) and some stations
> that are supposed to go through the squid box.
>
> When I set the browser of a station to go through the
> squid box (setting up to go through a proxy informing
> the IP of squid box and port) everything works just
> fine.
>
> But when I use some iptables redirect rules ("all
> incoming pkts destinated to port 80, go to port 3128")
> in the squid box and set that as gateway for the
> station, to make all the process transparent, any site
> I try to reach from the station receives de "URL could
> not be retrieved..." error.
>
> I think that the redirect is working, because the
> error page that is shown is generated by squid.
>
> What can be wrong? What's the difference between go
> through a proxy setting up the browser or by
> redirecting?
>
> I'm using squid-2.5STABLE and the redirect rule that
> I'm using is:
>
> iptables -A PREROUTING -s station_IP -d ! squid_box
> -dport 80 -j DNAT --to-destination squid_box:3128
>
> I also tried this one:
>
> iptables -A PREROUTING -s station_IP -d ! squid_box
> -dport 80 -j REDIRECT -to-port 3128
>
> I think that if the squid wasn't working, I could not
> go through it even setting the browser, and if the
> redirect wasn't working, I wouldn't receiving the
> error page generated by the squid... Am I right?
>
> Is there a light at the end of the tunnel? :-)
>
> Thanks a lot!
>
>
> _______________________________________________________________________
> Conheça o novo Cadê? - Mais rápido, mais fácil e mais preciso.
> Toda a web, 42 milhões de páginas brasileiras e nova busca por imagens!
> http://www.cade.com.br
Received on Tue Aug 05 2003 - 08:35:44 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:18:36 MST