Re: [squid-users] RE: Squid as Network Monitor from jeffrey j donovan on 2012-01-10 (squid-users)

From: jeffrey j donovan <donovan_at_beth.k12.pa.us>
Date: Tue, 10 Jan 2012 19:37:38 -0500

On Jan 10, 2012, at 9:46 AM, Babelo Gmvsdm wrote:

>
> I checked the premissions on /var/logs/squid3/, where everything is owned by proxy:proxy (access.log, cache.log etc...)
> I ran the squid3 -k rotate, the rotations worked well anyway.
> One more thing when the Pc which host the squid, use itself as a proxy, the access.log populate

Sounds similar to what i was doing last week with OSX 10.6. I had to modify the Kernel to allow communication between en0 and en1. I had to enable " Ipforwarding " on the system to operate in transparent mode. I also had to turn ip scope routing off also.
-j

>
> So the squid app seems to work properly, it seems the problem come from the iptables which not redirect to the squid.
> On more thing I don't know why but a ps aux | grep squid give this:
> root 1456 0.0 0.1 43176 1732 ? Ss Jan09 0:00 /usr/sbin/squid3 -YC -f /etc/squid3/squid.confproxy 1465 0.0 1.6 80284 17172 ? S Jan09 0:27 (squid) -YC -f /etc/squid3/squid.conf
>
> Do you know why I have 2 squid processes? (i have installed squid3, just with an "apt-get install squid3" )
> cheers
> HerC.
>
> ----------------------------------------
>> From: hercule18_at_hotmail.com
>> To: squid-users_at_squid-cache.org
>> Subject: Squid as Network Monitor
>> Date: Tue, 10 Jan 2012 12:37:20 +0100
>>
>>
>> Hi,
>> I have built a machine with a Squid, with lightsquid, and i would like to use it just like a network monitor.
>> So I plugged the ETH1 of the PC on a cisco switch on a port that received each traffic send to the internet.
>> the squid is started. (transparent mode)the ip forward is set to 1I have put this iptables rule: iptables -t nat - A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
>> but the access.log does not populate, whereas on Ntop, on the same machine, I see a lot of traffic (http)
>> Something weird is the command iptables -L -t nat -v , shows no match for the rule created.
>> First I think that ntop could intercept the traffic, but stopping it did not helped?
>> Thanks for your future help.
>> Herc.
>
Received on Wed Jan 11 2012 - 00:37:39 MST

This archive was generated by hypermail 2.2.0 : Wed Jan 11 2012 - 12:00:02 MST