[squid-users] transparent squid not working .. any tips/advices is appreciated .. from Vixay Tom Bounxokvan on 2008-12-18 (squid-users)

From: Vixay Tom Bounxokvan <tom_at_qpsu.org.au>
Date: Fri, 19 Dec 2008 10:38:59 +1000

Hello,

I have gone through Internet and FAQ but couldn't find solution to this
problem.
I'm trying to setup squid to monitor users (which websites they are
visiting).

<<SETUP>>
IP range = 10.0.32.0/22 netmask = 255.255.252.0
[LAN PCs] -> [eth0 - F9 squid3-stable2 - eth1] -> [eth1 - Linux - eth0]
-> Internet
10.0.32.100+ 10.0.32.3 10.0.32.2 10.0.32.1 58.x.x.x

I'm using mostly the default setting below, allow all!

/etc/squid/squid.conf
cache_effective_user squid
cache_effective_group squid
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 10.0.32.0/22 # RFC1918 possible internal network
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
#http_access deny manager
http_access deny !Safe_ports
#http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
#http_access deny all
icp_access allow localnet
#icp_access deny all
htcp_access allow localnet
#htcp_access deny all
http_port 10.0.32.3:3128 transparent
always_direct allow localnet
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
icp_port 3130

It works fine if I put the proxy setting in the browser but transparent
proxy does not it work. Transparent proxy is not compiled in SQUID rpm?
How can I find out?

This is what I get when I tried transparent proxy ..
/var/log/squid/access.log
1229583671.700 0 10.0.32.90 NONE/400 1823 GET / - NONE/- text/html
1229583671.733 0 10.0.32.90 NONE/400 1845 GET /favicon.ico - NONE/-
text/html
1229583674.762 0 10.0.32.90 NONE/400 1845 GET /favicon.ico - NONE/-
text/html
1229583675.300 0 10.0.32.90 NONE/400 1823 GET / - NONE/- text/html
1229583677.693 0 10.0.32.90 NONE/400 1823 GET / - NONE/- text/html
1229583677.711 0 10.0.32.90 NONE/400 1845 GET /favicon.ico - NONE/-
text/html
1229583680.485 0 10.0.32.90 NONE/400 1823 GET / - NONE/- text/html
1229583680.570 0 10.0.32.90 NONE/400 1845 GET /favicon.ico - NONE/-
text/html
1229583680.687 0 10.0.32.90 NONE/400 1845 GET /favicon.ico - NONE/-
text/html
1229583680.688 0 10.0.32.90 NONE/400 1845 GET /favicon.ico - NONE/-
text/html
1229583686.219 0 10.0.32.90 NONE/400 1829 GET /ten - NONE/-
text/html
1229583690.862 0 10.0.32.90 NONE/400 1823 GET / - NONE/- text/html
1229583690.887 0 10.0.32.90 NONE/400 1845 GET /favicon.ico - NONE/-
text/html
1229583693.880 0 10.0.32.90 NONE/400 1845 GET /favicon.ico - NONE/-
text/html
1229583695.224 0 10.0.32.90 NONE/400 1829 GET /%27 - NONE/-
text/html
1229584207.617 0 10.0.32.90 NONE/400 1959 GET
/safebrowsing/rd/goog-malware-shavar_s_8806-8810;8806-8808;8809-8810: -
NONE/- text/html

Any help is much appreciate.. this is my first time with Squid ..
thanks!

Tom
Received on Fri Dec 19 2008 - 00:39:14 MST

This archive was generated by hypermail 2.2.0 : Mon Dec 22 2008 - 12:00:02 MST