Sort out your IpChains rules - tell everything destined for the web server
to go to the web server and everything else to go off to squid. My server
in this case is 192.168.0.1. and network is 192.168.0.0.
Remember also to leave the ipchains -F at the top of the script else it gets
ever so messy, especially whilst you are testing.. There's a couple of other
bits about timeouts which are handay as well - have a dig through the
ipchains FAQ and example configs.
Good luck!
Toby.
#########################
## Clear old stuff
/sbin/ipchains -F
###########################
## Transparent Proxy Stuff
# Loopback
ipchains -A input -p TCP -d 127.0.0.1/32 www -j ACCEPT
ipchains -A input -p TCP -d 192.168.0.1/32 www -j ACCEPT
# Forward other bits to the proxy
ipchains -A input -p TCP -d any/0 www -j REDIRECT 3128
##########################
# Masquerade everything else on 192.168.0.0
/sbin/ipchains -A forward -s 192.168.0.0/16 -j MASQ
-----Original Message-----
From: Peter Alliett [mailto:palliett@accurcast.com]
Sent: 08 September 2000 16:38
To: 'squid-users@ircache.net'
Subject: [SQU] Squid Transparent Proxy Problem - HELP
I am running Linux Mandrake 7.0 kernel 2.2.14 with Squid version 2.
I have configured it for transparent proxy and it is working fine.
I would like to do a couple of more things that I can't get to work even
after reading the FAQs and searching usenet.
1. I would like users to authinicate to the server, this was working until
I enable transparent proxy through the config file
2. I can not seem to access the web server anymore. I type in
www.accurcast.com and squid says access denied and the acceess log file says
something about access denied nobody none. I figure this has to do with the
ipchains redirect of port 80 to 3128. How do I get this to work.
Thanks,
Peter Alliett
-- To unsubscribe, see http://www.squid-cache.org/mailing-lists.html -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Fri Sep 08 2000 - 09:55:26 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:55:14 MST