You need to allow outgoing DNS requests to make squid work properly.
On 5 Apr 2011 07:08, "Diego Xirinachs" <[email protected]> wrote: > Hi all, speaking of gateways and shorewall, I bumped into a problem today > with it. I have a 10.04 LTS server setup at a small office running shorewall > and squid, clients are configured MANUALLY to use the proxy server, but now > I want to make this proxy transparent and let shorewall redirect the proxy > requests becuase I need to setup a VPN and cisco VPN client doesnt have an > option to manually input a proxy. > > So I go ahead and configured my squid to be transparent and shorewall to > redirect the traffic to it, only thing is, it doesnt work, If I remove the > proxy address from a client to test it, I get the following error (I use > chromium browser): > > Error 137 (net::ERR_NAME_RESOLUTION_FAILED): Unknown error. > > My /etc/shorewall/rules are setup with this ACCEPT and REDIRECT rules: > > #ACTION SOURCE DEST PROTO DEST PORT(S) SOURCE ORIGINAL > # PORT(S) DEST > REDIRECT loc 3128 tcp www - > > ACCEPT $FW net tcp www > > > I have also tried putting the ACCEPT rule first but it didnt work also. > Squid Is installed on this same system and listening on port 3128 > > In my squid.conf Im pretty sure the ACL's are configured properly and I also > have this line: > > always_direct allow localhost > > That tells SQUID to always send traffic from the firewall directly to the > internet. > > IF you need any more info please dont hesitate to ask, im really out of > ideas on this one I think everything is setup correctly and have no idea why > It doesnt work. > > thanks in advance > -- > X1R1
-- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
