You could try this:
If you did not set up the proxy in your browser (and I think so), you
should activate "transparent proxying" in your squid.conf. In this case,
you would redirect the traffic with dport 80 to <squid-host>:80, not
3128. The difference is that your browser does not know to use a proxy,
but you are redirecting this foward to a proxy. Thus the proxy should
work with transparent proxying, cause this is what you want squid to do.
Evan Fribourg schrieb:
>Hello all --
>
>I have a working copy of squid setup -- out of the box install, no config
>changes except the allowed hosts.
>When I set my browser to use squid directly, everything works fine.
>However, I'm trying to redirect traffic from a specific host on my network
>to the squid without actually setting up the proxy in the browser using
>iptables.
>
>My iptables line is as follows:
>$IPTABLES -t nat -A PREROUTING -p tcp --dport 80 -s 192.168.1.140 -j DNAT
>--to-destination <external_ip>:3128
>
>This line does route the traffic correctly, but I get an Invalid Request
>error from squid:
>
>----
>
>ERROR
>The requested URL could not be retrieved
>
>While trying to process the request:
>
>GET / HTTP/1.1
>Host: www.google.com
>User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5)
>Gecko/20060719 Firefox/1.5.0.5
>Accept:
>text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=
>0.8,image/png,*/*;q=0.5
>Accept-Language: en-us,en;q=0.5
>Accept-Encoding: gzip,deflate
>Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
>Keep-Alive: 300
>Connection: keep-alive
>
>The following error was encountered:
>
> * Invalid Request
>
>Some aspect of the HTTP Request is invalid. Possible problems:
>
> * Missing or unknown request method
> * Missing URL
> * Missing HTTP Identifier (HTTP/1.0)
> * Request is too large
> * Content-Length missing for POST or PUT requests
> * Illegal character in hostname; underscores are not allowed
>
>Your cache administrator is webmaster.
>
>-----
>
>In the squid log:
>Cache.log: 2006/07/31 10:12:47| clientReadRequest: FD 12 Invalid Request
>Access.log: 1154365967.274 11 <my_ip> TCP_DENIED/400 1750 GET
>error:invalid-request - NONE/- text/html
>
>-----
>
>The HTTP header looks fine to me, and squid really isn't giving me enough
>data to troubleshoot further...
>
>Any ideas of how I should proceed in troubleshooting this?
>
>Kind regards,
>
>Evan Fribourg
>Web Application Developer
>Deniro Marketing
>mailto:evan@deniromarketing.com
>
>
>
>
Received on Mon Jul 31 2006 - 11:28:21 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Aug 01 2006 - 12:00:02 MDT