[squid-users] Re: Squid + DansGuardian + Bridging

From: psd17j-jacob <jacob.roebauer_at_gmail.com>
Date: Wed, 25 Sep 2013 08:37:05 -0700 (PDT)

Thanks Amos,

So I now have this for ebtables:
:BROUTING ACCEPT
-A BROUTING -p IPv4 -i eth1 --ip-proto tcp --ip-dport 80 -j redirect
--redirect-target DROP
-A BROUTING -p IPv6 -i eth0 --ip6-proto tcp --ip6-sport 80 -j redirect
--redirect-target DROP
-A BROUTING -p IPv4 -i eth0 --ip-proto tcp --ip-sport 80 -j redirect
--redirect-target DROP

and this for iptables:

-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 3128 -j REDIRECT --to-ports 8080

Still no go unfortunately. I'm pretty sure that the brouting interfaces are
correct as they are, but just to make sure I flipped them around, restarted
ebtables, and still had no luck.

I just want to make sure I did not miss anything with my squid
configuration. So, I have
http_port 3128 transparent
I attempted to use the following rules, however squid would have a cow and
didn't want to start.

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_single_host off
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

In addition in /etc/sysctl.conf I have:
net.ipv4.conf.default.rp_filter = 0
net.ipv4.ip_forward = 1

So, when I
[root_at_squid0 ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root_at_squid0 ~]#

So I think everything should be good. Please let me know if you have any
other ideas. Once again, thanks for your time!

--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-DansGuardian-Bridging-tp4662202p4662292.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Wed Sep 25 2013 - 15:37:47 MDT

This archive was generated by hypermail 2.2.0 : Wed Sep 25 2013 - 12:00:06 MDT