Ricardo A wrote:
> I have a server-Debian Lenny as a router-firewall-webserver with
> Squid 2.7 and Apache2. Asked is: how could I configure Squid as a
> transparent proxy (for the internal network) and also as accelerator
> mode for the webserver??? And what would the iptables rules to output
> Internet (from internal network) and to input external requests to
> port 80 of web server???? Sorry, I came here because can not find
> updated doc in spanish about Squid 2.7... Thanks for any help Ricardo
I assume by "transparent" you mean "NAT intercepting", based on the
mantion of iptables.
Your interception setup in iptables _should_ only be catching the port
80 traffic going from the internal clients to the Internet. Leaving
traffic coming in from the Internet, and traffic coming from the Squid
box completely untouched. You may need to add "-s $CLIENTIPS/RANGE" to
the iptables rules depending on which tutorial you followed to set it up.
The interception rules also _should_ be redirecting the traffic to some
random listening port Squid is using on the Squid box. (DO NOT use port
80 as the 'transaprent' squid receiving port for this!).
Given those two requirements for interception, add the reverse proxy
configuration to squid.conf and open port 80 for whoever to get access.
http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator
Noting that the reverse-proxy config details need to all be above the
http_access lines controlling the interception access permissions.
Amos
-- Please be using Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18 Current Beta Squid 3.1.0.13Received on Thu Aug 20 2009 - 23:51:26 MDT
This archive was generated by hypermail 2.2.0 : Fri Aug 21 2009 - 12:00:03 MDT