Re: Transparent proxy - forwarding does not work

To: debian-user@lists.debian.org
Subject: Re: Transparent proxy - forwarding does not work
From: Alex Samad <alex@samad.com.au>
Date: Tue, 15 Jan 2008 08:59:59 +1100
Message-id: <[🔎] 20080114215959.GT6694@samad.com.au>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 478BB759.4000000@gmail.com>
References: <[🔎] 478BB759.4000000@gmail.com>

On Mon, Jan 14, 2008 at 05:26:17PM -0200, Eduardo M KALINOWSKI wrote:
>
>    I'm trying to setup a transparent caching proxy with Squid. I've 
> installed Squid, configured it, in particular using the line
> http_port 3128 transparent
>
>    The proxy is working fine. If I specify the proxy manually, I can see it 
> being used from access.log, and note the results of caching.
>
>    However, the automatic forwarding is not working. First, I've enabled 
> forwarding with
> echo 1 > /proc/sys/net/ipv4/ip_forward
are you only trying to capture http request from this machine ? if so you don't 
need this

>
>    Then, following instructions found in the internet, I've run
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT 
> --to-port 3128

if you are only trying to capture http request from this machine (the same as 
the proxy) then you need to use the output chain 

> to setup automatic forwarding of http requests. The command runs fine, and 
> the rule is added:
> # iptables -t nat -L
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
> REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:www 
> redir ports 3128
>
> Chain POSTROUTING (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
>    However, the forwarding simply does not happen. Requests do not pass 
> through the proxy, everything works as before.
>
>    Is there anything that is missing?
>
>    Kernel is linux-image-2.6.22-2-amd64, version 2.6.22-4 . Now I'm using 
> squid3 version 3.0.STABLE1-1, but I've also tried with squid 2.6.17-1, and 
> the results are the same.
>
> Thanks in advance,
>
> -- 
> History repeats itself.  That's one thing wrong with history.
>
> Eduardo M KALINOWSKI
> ekalin@gmail.com
> http://move.to/hpkb
>
>
> -- 
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a 
> subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>

-- 
"Perhaps one way will be, if we use military force, in the post-Saddam Iraq the U.N. will definitely need to have a role. And that way it can begin to get its legs, legs of responsibility back."

	- George W. Bush
03/16/2003
the Azores, Portugal

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: Transparent proxy - forwarding does not work
  - From: Eduardo M KALINOWSKI <ekalin@gmail.com>

References:
- Transparent proxy - forwarding does not work
  - From: Eduardo M KALINOWSKI <ekalin@gmail.com>

Prev by Date: Re: [OT] top posting
Next by Date: Re: new user question: debian on a Thinkpad T61
Previous by thread: Transparent proxy - forwarding does not work
Next by thread: Re: Transparent proxy - forwarding does not work
Index(es):
- Date
- Thread