Re: [squid-users] transparent proxy with squid from Sushil Deore on 2005-10-05 (squid-users)

From: Sushil Deore <sushil@dont-contact.us>
Date: Wed, 5 Oct 2005 12:23:45 +0530 (IST)

hello,

Thanks for your reply.

This rule exist in my setup and from logs I can see the 443 traffic
directed to the local squid port and then I am routing it to the main
squid box. The strange thing is that I am not seeing any return path of
the 443 request I am sending.

My setup is

[Transparent squid box] --> [squid box] --> [squid-cache box] -- ->
{external world}

If I send the 443 request using my "squid box" then that works perfectly
fine and I get all my 443 requests. Considering this in mind, theoretically
443 traffic from the "transparent squid box" should work with the
PREROUTING rule which you have mentioned, but its not working in my case.

It would be a great help for me if you can suggest me the way out to it.

Thanks in advance.

With Regards,

-- Sushil.

On Tue, 4 Oct 2005 trainier@kalsec.com wrote:

> I would assume you'd need to do something similiar to:
>
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT
> --to-port 3128
>
> Tim Rainier
> Information Services, Kalsec, INC
> trainier@kalsec.com
>
>
>
> Sushil Deore <sushil@cc.iitb.ac.in>
> 10/04/2005 01:06 PM
>
> To
> Henrik Nordstrom <hno@squid-cache.org>
> cc
> <squid-users@squid-cache.org>
> Subject
> [squid-users] transparent proxy with squid
>
>
>
>
>
>
>
> Dear Henrik,
>
> I configured a transparent proxy with squid by referring
> http://www.faqs.org/docs/Linux-mini/TransparentProxy.html#ss2.3
>
> Though Daniel has strictly mentioed not to ask him about HTTPS with
> transparent proxy but still I do have certain doubts in my mind which I'll
> try to explain here.
>
> I am setting up a wireless network for which I'll be using transparent
> proxy with squid. Though my transparent proxy is working fine and
> serving all port 80 traffic. I also need to serve https request and at
> this stage I am stucked up.
>
> With a seperate squid box as a proxy server I am serving the HTTPS
> request.
>
> Kindly let me know or suggest me how do I serve the HTTPS request using
> the transparent proxy or do I need to setup any additional setup to serve
> HTTPS traffic?
>
> Thanks in advance.
>
> With Regards,
>
> -- Sushil.
>
>
>
>
Received on Wed Oct 05 2005 - 00:52:13 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Nov 01 2005 - 12:00:04 MST