-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [EMAIL PROTECTED] wrote: > I dont know what is the connection tracking. I just saw in another > questions-reply and i set it up but it didnt help. > Do you know what ports should i enabled for the squid???? This is my main > problem. Nobody using his firewall with proxy in the same time in same pc? > > >
Ok, this will help you: apt-get install nmap once that is installed: nmap localhost (to be run from/on the actual firewall/proxy computer) In the output look for something like: 8080/tcp open http-proxy The port number 8080 might be different, but that is the port the squid is listening on. Then, assuming you are trying to build a transparent proxy server, the iptables rule should look something like: # Force outgoing http requests to use the transparent proxy server iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT - - --to-port 8080 This assumes: eth0 is your internal network interface squid is listening for connections on port 8080, change 8080 to the number of the port identified by nmap above. There is plenty of documentation available at http://www.squid-cache.org/ and google (search for "transparent proxy squid" HTH, Regards, Dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFCzOc262r58u1gKlkRAlPfAKCIYOjql1knbh5BK2zFXtT8CEHe/wCgv0nO tOQecSjiZiTgUsmKwK6xUj0= =a+V1 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
