[squid-users] transparent https proxy?

From: Michael Renner <michael.renner@dont-contact.us>
Date: Sun, 26 Sep 2004 18:16:55 +0200

Hello,

I set up a perfectly running squid as a transparent proxy for HTTP access.
According to http://en.tldp.org/HOWTO/TransparentProxy.html, the gateway
redirects all communication at port 80 to the host running squid:

iptables -t nat -A PREROUTING -i eth0 -s ! 192.168.2.53 -p tcp --dport 80 -j DNAT --to 192.168.2.53:3128
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.2.0/255.255.255.0 -d 192.168.2.53 -j SNAT --to 192.168.2.1
iptables -A FORWARD -s 192.168.2.0/255.255.255.0 -d 192.168.2.53 -i eth0 -o eth0 -p tcp --dport 3128 -j ACCEPT

Additionally, squid is configured with
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

Now I thought it's time to test an HTTPS setup. Therefore, I added one more rule
to the firewall:
iptables -t nat -A PREROUTING -i eth0 -s ! 192.168.2.53 -p tcp --dport 443 -j DNAT --to 192.168.2.53:3128

Even though the HTTPS proxy works if the squid host is configured in the browser, it
fails as soon as it should work as a transparent proxy. I guess an additional
configuration is required to tell squid to work as a transparent HTTPS
proxy ... but how?

Thanks

-- 
|Michael Renner      E-mail: michael.renner@gmx.de  |
|D-72072 Tuebingen   Germany        ICQ: #112280325 |
|Germany             Don't drink as root!      ESC:wq
Received on Sun Sep 26 2004 - 10:17:11 MDT
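
Added example, not part of the original post: a Python sketch of what the proxy port receives as the first bytes of a connection in the three cases the message describes (port 80 redirected, browser configured to use the proxy, port 443 redirected). The byte strings are constructed samples and `classify_first_bytes` is a hypothetical helper; only the plaintext cases carry a Host header or CONNECT target that a proxy can read.

```python
# Added example: helper name and sample bytes are constructed for illustration.
HTTP_METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS", b"CONNECT"}

def classify_first_bytes(data: bytes) -> dict:
    """Describe the first bytes a client sends to the proxy port."""
    # SSLv3/TLS record: type 0x16 (handshake), major version 3, 16-bit length.
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03:
        return {"kind": "tls-handshake", "client_hello": data[5] == 0x01,
                "record_length": int.from_bytes(data[3:5], "big"), "host": None}
    # SSLv2-format hello: high bit set in the length field, message type 0x01.
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 0x01:
        return {"kind": "sslv2-hello", "client_hello": True,
                "record_length": ((data[0] & 0x7F) << 8) | data[1], "host": None}
    # Plaintext HTTP: request line followed by headers.
    line, _, rest = data.partition(b"\r\n")
    parts = line.split(b" ")
    if len(parts) == 3 and parts[0] in HTTP_METHODS and parts[2].startswith(b"HTTP/"):
        host = None
        for header in rest.split(b"\r\n"):
            if not header:
                break  # blank line ends the header block
            name, _, value = header.partition(b":")
            if name.strip().lower() == b"host":
                host = value.strip().decode("ascii", "replace")
        return {"kind": "http", "method": parts[0].decode("ascii"),
                "target": parts[1].decode("ascii", "replace"), "host": host}
    return {"kind": "unknown", "host": None}

# Constructed sample: port 80 redirected by DNAT, browser unaware of the proxy.
REDIRECTED_80 = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
# Constructed sample: browser configured to use the proxy for HTTPS.
EXPLICIT_PROXY = b"CONNECT www.example.com:443 HTTP/1.0\r\n\r\n"
# Constructed sample: port 443 redirected by DNAT; the browser starts TLS
# immediately (minimal ClientHello: version, zero random, one cipher suite).
REDIRECTED_443 = (b"\x16\x03\x01\x00\x2d" b"\x01\x00\x00\x29" b"\x03\x01"
                  + bytes(32) + b"\x00" b"\x00\x02\x00\x2f" b"\x01\x00")

if __name__ == "__main__":
    for label, sample in (("port 80, redirected", REDIRECTED_80),
                          ("HTTPS, proxy set in browser", EXPLICIT_PROXY),
                          ("port 443, redirected", REDIRECTED_443)):
        print(f"{label}: {classify_first_bytes(sample)}")
```
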
