Re: [squid-users] Transparent Proxy Problem

From: Marc Elsen <marc.elsen@dont-contact.us>
Date: Tue, 21 Oct 2003 15:58:00 +0200

Mahmood Ahmed wrote:
>
> Hello All!
>
> I know very well that the problem I am seeking help with is not squid
> related, but as I am so desperate, that's why I am asking this question here.
> My squid 2.5 Stable 4 is running very fine, iptables is redirecting port
> 80 to port 8080, but clients accessing https sites like hotmail and
> rhn.redhat.com are not able to get through. As I am only redirecting http
> traffic and allowing ip_forwarding, I can't understand why my clients
> can't access https sites.
> My iptables rule is as follows:
>
> /usr/bin/iptables -t nat -A PREROUTING -p tcp -s 202.133.44.0/0 --dport 80:80 -j REDIRECT --to-ports 8080
>
> I will be very thankful to receive any help.
>
> PS: MSN messenger and yahoo messenger are working fine with squid (no
> problem of login or file transfer)
>

You may be bitten by fundamental drawbacks of setups related to transp.
proxying: does it work when the browser is set to use the proxy directly?

If yes, then some sites, for instance, check whether 'interleaving' http -
https connections come from the same origin when accessing the site through
authorization schemes.

The more fundamental issue is that transp. proxying breaks
IP host-to-host networking 'semantics'. Meaning http
proxying should 'execute' at the app. level in the networking stack
and should be kept separate and/or not intervene with IP (and vice versa).

 M.
Received on Tue Oct 21 2003 - 07:58:03 MDT
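
The origin mismatch described in the reply can be checked from the web server's side. The following is an added example, not part of the original thread: it assumes a hypothetical access-log format (source IP, scheme, session id, method, path) and constructed sample lines, in which 192.0.2.10 stands for the Squid box and 198.51.100.x for client addresses.

```python
import re
from collections import defaultdict

# Constructed sample log (hypothetical format, documentation address ranges).
# a1: HTTP intercepted by the proxy, HTTPS forwarded with the client's own address.
# b2: browser configured to use the proxy, so both schemes leave from the proxy.
# c3: HTTPS only, nothing to compare against.
SAMPLE_LOG = """\
192.0.2.10 http sid=a1 GET /login
198.51.100.23 https sid=a1 POST /auth
192.0.2.10 http sid=b2 GET /login
192.0.2.10 https sid=b2 POST /auth
198.51.100.40 https sid=c3 GET /account
"""

LINE_RE = re.compile(r"^(\S+) (https?) sid=(\S+) (\S+) (\S+)$")


def split_origin_sessions(log_text):
    """Return {session_id: {"http": ips, "https": ips}} for sessions whose
    HTTP and HTTPS requests arrived from different source addresses."""
    seen = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip blank or malformed lines
        ip, scheme, sid = match.group(1), match.group(2), match.group(3)
        seen[sid][scheme].add(ip)

    flagged = {}
    for sid, by_scheme in seen.items():
        http_ips = by_scheme.get("http", set())
        https_ips = by_scheme.get("https", set())
        # Only a session that used both schemes can show the mismatch.
        if http_ips and https_ips and http_ips != https_ips:
            flagged[sid] = {"http": http_ips, "https": https_ips}
    return flagged


if __name__ == "__main__":
    for sid, ips in split_origin_sessions(SAMPLE_LOG).items():
        print(sid, "http from", sorted(ips["http"]),
              "https from", sorted(ips["https"]))
```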
