is that a typo on the httpd_accel_port 0?
it should be httpd_accel_port 80
if it isnt a typo and that is what you have in your squid.conf thats the
problem. also, what kernel are you using on the linux/squid box? what does
the output of
iptables -L -n -t nat
show and what is your exact iptables ruleset that you load?
another question, did you compile squid with the option
-enable-linux-netfilter
i just got this working in two locations this week so i am familiar with it.
On Tuesday 18 June 2002 10:35 am, Mark.H.Price@AOC.STATE.NC.US wrote:
> Hello list. I am looking for some help.
>
> I have configured a squid proxy with:
>
> httpd_accel_host virtual
> httpd_accel_port 0
> httpd_accel_with_proxy on
> httpd_accel_uses_host_header on
>
> I set http_port to 80 , and on the Cisco router that is the gateway for
> the 10.91.254.0/24 network, we added:
>
> route-map proxy-redirect permit 10
> match ip address 110
> set ip next-hop 10.91.254.24
>
> (10.91.254.24 is the squid proxy)
>
> access-list 110 deny tcp any any neq www
> access-list 110 deny tcp host 10.91.254.24 any
> access-list 110 permit tcp any any
>
> interface ethernet2/1
> ip policy route-map proxy-redirect
>
>
> But, when we tried to surf, the transparent proxy did not work for users
> on the 10.91.254.0/24 network. Any website we tried to access got no
> response.
>
> I also tried moving the squid http_port to 3128, and enabling ip_forward
> in /proc/sys/net/ipv4 and using the iptables rule mentioned in part 17 of
> the FAQ to redirect port 80 to 3128.. this didn't work either.
>
> Most of the documentation I have read only deals with a proxy
> that is on the same machine as the gateway machine.. We want to keep
> our Cisco router as the gateway for the network. We are testing this,
> and we want to deploy this configuration for about 3000+ users.
>
> I guess the next step if this doesn't work is to try wccp
>
> Any insight, suggestions, or comments would be appreciated!!
>
> Thanks
>
> Mark
-- Chad Whitten Network/Systems Administrator neXband Communications cwhitten@nexband.comReceived on Fri Jun 21 2002 - 08:29:55 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:45 MST