Dayo Adewunmi wrote:
> Hi,
>
> We use squid on our main server and I'm trying to set up a transparent
> proxy
> for one user. This transparent proxy would have our main squid as its
> parent,
> and the user won't have to make any changes in their browser. This is
> necessary,
> because the user has no admin privileges on his laptop, so I can go in
> there and
> change his settings.
>
> I'm using Ubuntu 8.04 on the main server and 9.04 on the transparent box.
>
> IPs:
> Main proxy: 192.168.0.1
> Trans. proxy: 192.168.5.2 (eth0 - external) 10.20.0.1 (eth1 - internal)
>
> This is my /etc/squid/squid.conf
>
> http_port 3128 transparent
> acl our_networks src 10.20.0.0/24
> acl localnet src 127.0.0.1/255.255.255.255
> http_access allow our_networks
> http_access allow localnet
> cache_peer 192.168.0.1 parent 3128 3130 proxy-only default
>
> And then I ran these two lines in my terminal and reloaded squid.
>
> |$ iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j
> DNAT --to-destination 10.20.0.1:3128
> $ iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j
> REDIRECT --to-ports 3128|
No.
>
> My user still can't access the internet with this. On my main server I
> have:
>
> /sbin/route add -net 10.0.0.0/8 gw 192.168.5.2
>
http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat
Amos
-- Please be using Current Stable Squid 2.7.STABLE7 or 3.0.STABLE21 Current Beta Squid 3.1.0.15Received on Sun Jan 24 2010 - 21:30:51 MST
This archive was generated by hypermail 2.2.0 : Mon Jan 25 2010 - 12:00:04 MST