transparent proxy on http and https
I currently have a transparent proxy on http with two separate boxes:
firewall-box and squid-box like the howto suggests; however, I can't make
the setup work with https as well.
It looks something like this:
                 _____Local_net________
                |                      |
               ____                  _____
              |Fw  |                |Squid|
(LAN)----eth1-|Box |-eth0-----------|Box  |
              |____|                |_____|
firewall-box (3 rules):
iptables -t nat -A PREROUTING -i eth1 -p tcp -s \! ETH1_IP -d 0/0 \
    -m multiport --destination-ports 80,443 -j DNAT --to SQUID_BOX:3128
iptables -t nat -A POSTROUTING -o eth1 -s LOCAL_NET -d SQUID_BOX -j SNAT \
    --to ETH1_IP
iptables -A FORWARD -s $rediteso -d SQUID_BOX -i eth1 -o eth0 -p tcp \
    --dport 3128 -j ACCEPT
squid-box (squid.conf):
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
I've not found any docs on several httpd_accel_ports. I added another
line with httpd_accel_port 443 and it showed a cannot display page error
for http://whatever.com:443
    ^^^^
Both boxes are running woody with Linux 2.4.21, and squid is a vanilla
2.5.STABLE3.
Is there a way to have both ports handled transparently with iptables
and squid? Like a httpd_accel_multiports?? :)
Thanks in advance
José