Thanks! That would indeed cover the first issue :-) I initially used
redirect because somewhere I read that it's not a good idea forwarding
the traffic directly to the port where squid listens and it should be
pointed to another port instead and then redirected. However, working as
this, it would be enough to set a firewall policy to permit just the
client range of IPs. Let's see whether I can solve the second issue too...
Regards!
El 15/07/2014 21:21, babajaga escribió:
> Regarding first issue:
> Have a look here for a correct solution:
> http://wiki.squid-cache.org/ConfigExamples/Intercept/AtSource
>
>
> #Example for squid and NAT on same machine:
> iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination
> SQUIDIP:3128
> #Replace SQUIDIP with the public IP which squid may use for its listening
> port and outbound connections.
>
> You are redirecting port 8080 ... That means, you have a proxy explicitly
> set up in the brwoser.
> DO not do this for transparent squid. That's the purpose of the steup :-)
>
>
>
>
>
>
> --
> View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Three-questions-about-Squid-configuration-tp4666931p4666933.html
> Sent from the Squid - Users mailing list archive at Nabble.com.
Received on Tue Jul 15 2014 - 21:23:28 MDT
This archive was generated by hypermail 2.2.0 : Wed Jul 16 2014 - 12:00:18 MDT