Re: iptables and squid

[Steven McAvoy <stevenmcavoy@shawlink.ca>]

Hello,
Firstly, I'm not an expert in iptables or squid...I just use both on a 
regular basis. :)

From my readings of the Squid man pages and other online resources, I 
am led to believe that not all protocols are capable of being handled by 
redirecting the destination ports (21, 443, etc.) to squid-proxy's 
listening port (3128). I believe this method is called transparent proxying.

I'm quite confident that Squid can't transparently proxy FTP and SSL 
protocols....however, I'm not sure about what other protocols could be 
tranparently proxied (I only transparently proxy port 80 for myself).

-Steve

Mihira Fernando wrote:
> Luis wrote:
> > helloo everyone finally im controlling all the input and output traffic on
> > my network
> > now i would like to control the traffic and internet /intranet access via
> > squid
> > example
> >
> > 10.30.143.1-internal network
> > 10.30.142.1/server-gateway-and-iptables-firewall
> > 10.x.x.x-external network
> >
> > how can i redirect all the packets/ports to squid ? or at least control
> > the bandwith using iptables
> Make 10.30.142.1 the gateway for all the PCs in the internal network.
> Then on the gateway, use iptables and redirect all ports to the port
> squid listens to.
> eg : to redirect port 80 traffic to squid's 3128 :
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
> --to-port 3128
>
> Ace.