Re: Transparent proxy - forwarding does not work

[Eduardo M KALINOWSKI <ekalin@gmail.com>]

Alex Samad wrote:
> On Mon, Jan 14, 2008 at 05:26:17PM -0200, Eduardo M KALINOWSKI wrote:
>   
> >    I'm trying to setup a transparent caching proxy with Squid. I've 
> > installed Squid, configured it, in particular using the line
> > http_port 3128 transparent
> >
> >    The proxy is working fine. If I specify the proxy manually, I can see it 
> > being used from access.log, and note the results of caching.
> >
> >    However, the automatic forwarding is not working. First, I've enabled 
> > forwarding with
> > echo 1 > /proc/sys/net/ipv4/ip_forward
> >     
> are you only trying to capture http request from this machine ? if so you don't 
> need this
>
>   
> >    Then, following instructions found in the internet, I've run
> > iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT 
> > --to-port 3128
> >     
>
> if you are only trying to capture http request from this machine (the same as 
> the proxy) then you need to use the output chain 

OK, so I changed the line and ran

iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 3128

This does make the requests go through the proxy. However, I can only 
access objects which are already in cache. When squid needs to fetch an 
object from some server, the browser or wget stay at "Waiting 
connection". Possibly the proxy's request is being again forwarded to 
the proxy.

--
There's no sense in being precise when you don't even know what you're talking
about.
		-- John von Neumann

Eduardo M KALINOWSKI
ekalin@gmail.com
http://move.to/hpkb