Carlo Valdes wrote:
> Hello Guys.
>
> My transparent proxy still won't work. I have tried adding the line:
> /ipchains -A input -p TCP -d 0/0 80 -j REDIRECT 8080 to my init scripts
> already.
>
> I use kernel 2.2.16-x, I think transparent proxy was enabled by default.
> I need more advise.
>
> Regards,
> Carlo
>
> _
> Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
Here is my setup:
my ipchains rule is:
ipchains -A input -p TCP -d 127.0.0.1 80 -j ACCEPT
ipchains -A input -p TCP -d 192.168.100.0/24 -j ACCEPT
ipchains -A input -p TCP -d 0/0 80 -j REDIRECT 8888
and my exact squid.conf:
http_port 8888
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
cache_dir ufs /data/squid/cache 500 16 256
cache_effective_user squid
cache_effective_group squid
ftp_user [EMAIL PROTECTED]
acl mydomain src 192.168.100.0/24
acl all src 0.0.0.0/0.0.0.0
http_access allow mydomain
http_access deny all
and I put ip forwarding:
echo "1" > /proc/sys/net/ipv4/ip_forwarding
be sure you add group squid and user squid set the shell to /dev/null or
/bin/false.
then run 'squid -z' to create the cache dir
and run squid -D
note: be sure you set the user permission on /usr/local/squid to squid.squid
(e.g. chown -R squid.squid /usr/local/squid)
and don't forget to put on the client node the default gw of the squid-cache
server.
I hope this may help you.
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
