Nope, didn't work: I still have to tell my client computer there is a proxy on 192.168.1.1 port 80, although it should be working transparantly ...
Anyone ? I'm really stuck with this. ----- Original Message ----- From: "hendy.yuwono" <[EMAIL PROTECTED]> To: "Mike Putter" <[EMAIL PROTECTED]> Sent: Saturday, January 25, 2003 3:58 AM Subject: Re: [squid-users] transparant proxying and redirecting > Place eth1 for local, and eth0 for connect to internet. > > Set up masq: > echo 1 > /proc/sys/net/ipv4/ip_forward > # del & flush > iptables -F > iptables --table nat --flush > iptables --delete-chain > iptables --table nat --delete-chain > > # Set IP forwarding and MASQ > iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j > REDIRECT --to-port 3128 > iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE > iptables --append FORWARD --in-interface eth1 -j ACCEPT > > And for squid.conf: > > http_port 3128 > httpd_accel_host virtual > httpd_accel_port 80 > httpd_accel_with_proxy on > httpd_accel_uses_host_header on > > > ----- Original Message ----- > From: "Mike Putter" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Saturday, January 25, 2003 4:06 AM > Subject: Re: [squid-users] transparant proxying and redirecting > > > > Kenn, > > > > I just added the -i eth0 to my line and did a 'service squid restart', but > > without any luck. > > > > > > ----- Original Message ----- > > From: "Kenn Murrah" <[EMAIL PROTECTED]> > > To: "Mike Putter" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > > Sent: Friday, January 24, 2003 9:07 PM > > Subject: Re: [squid-users] transparant proxying and redirecting > > > > > > > Mike: > > > > > > The only difference I see between your setup and mine (which works fine) > > is > > > the iptables line .. Here's mine: > > > > > > iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j > > > REDIRECT --to-port 3128 > > > > > > (I'm running Mandrake 8.2 on that box) .... > > > > > > Also, you're telling the browser that you are using NO proxy, right? > > > > > > HTH, > > > > > > kennM > > > > > > > > > ----- Original Message ----- > > > From: "Mike Putter" <[EMAIL PROTECTED]> > > > To: <[EMAIL PROTECTED]> > > > Sent: Friday, January 24, 2003 1:46 PM > > > Subject: [squid-users] transparant proxying and redirecting > > > > > > > > > > I've searched the FAQ and scanned for hundreds of postings but was not > > > able > > > > to find a practical solution for transparant redirecting with squid: > > > > My Linux (Mandrake 9.0) box acts as a gateway and proxyserver. > > > > With iptables I redirect every HTTP request to squid: > > > > iptables -t nat -A PREROUTING -p TCP --dport 80 -j REDIRECT --to-port > > 3128 > > > > > > > > I've setup transparant proxying: > > > > httpd_accel_host virtual > > > > httpd_accel_port 80 > > > > httpd_accel_with_proxy on > > > > httpd_accel_uses_host_header on > > > > > > > > Unfortunately, I still can't surf the web -UNLESS: I configure my > > browser > > > > (IE6) to use 192.168.1.1 port 80. > > > > Now that shouldn't be needed with transparant proxying, right ? So, > > what's > > > > missing ? > > > > > > > > Furthermore: I want to restrict users to access only one (or a few > > sites). > > > > How can the user be forced that the first page he sees is, for > instance > > > > www.squid-cache.org, irregardless of what he types in the address-bar > of > > > his > > > > browser. I think that squid is not able to do so, as the URL path > needs > > to > > > > be rewritten, right ? I did find a posting about some Perl script to > do > > > > this, but I really don't know how to use or activate this script > before > > > > squid processes the request further. > > > > > > > > If more info is needed I'll be glad to dig it up for you ! > > > > > > > > Mike > > > > > > > > > > > > > > > > > > >
