Re: Transparent proxy - forwarding does not work

To: debian-user@lists.debian.org
Subject: Re: Transparent proxy - forwarding does not work
From: Alex Samad <alex@samad.com.au>
Date: Tue, 15 Jan 2008 22:35:48 +1100
Message-id: <[🔎] 20080115113548.GK32184@samad.com.au>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 478C86D6.8040701@gmail.com>
References: <[🔎] 478BB759.4000000@gmail.com> <[🔎] 20080114215959.GT6694@samad.com.au> <[🔎] 478C86D6.8040701@gmail.com>

On Tue, Jan 15, 2008 at 08:11:34AM -0200, Eduardo M KALINOWSKI wrote:
> Alex Samad wrote:
>> On Mon, Jan 14, 2008 at 05:26:17PM -0200, Eduardo M KALINOWSKI wrote:
>>   
>>>    I'm trying to setup a transparent caching proxy with Squid. I've 
>>> installed Squid, configured it, in particular using the line
>>> http_port 3128 transparent
>>>
>>>    The proxy is working fine. If I specify the proxy manually, I can see 
>>> it being used from access.log, and note the results of caching.
>>>
>>>    However, the automatic forwarding is not working. First, I've enabled 
>>> forwarding with
>>> echo 1 > /proc/sys/net/ipv4/ip_forward
>>>     
>> are you only trying to capture http request from this machine ? if so you 
>> don't need this
>>
>>   
>>>    Then, following instructions found in the internet, I've run
>>> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT 
>>> --to-port 3128
>>>     
>>
>> if you are only trying to capture http request from this machine (the same 
>> as the proxy) then you need to use the output chain 
>
> OK, so I changed the line and ran
>
> iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 3128
>
> This does make the requests go through the proxy. However, I can only 
> access objects which are already in cache. When squid needs to fetch an 
sounds like the problem

set tcp_outgoing_address in squid.conf, assign you box 2 addresses, 1 for 
normal use and the other for squid use and then setup the iptables filter to 
only pick up from the first


> object from some server, the browser or wget stay at "Waiting connection". 
> Possibly the proxy's request is being again forwarded to the proxy.
>
> -- 
> There's no sense in being precise when you don't even know what you're talking
> about.
> 		-- John von Neumann
>
> Eduardo M KALINOWSKI
> ekalin@gmail.com
> http://move.to/hpkb
>
>
> -- 
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a 
> subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>

-- 
"My administration has been calling upon all the leaders in the -- in the Middle East to do everything they can to stop the violence, to tell the different parties involved that peace will never happen."

	- George W. Bush
08/13/2001
Crawford, TX

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- [SOLVED] Re: Transparent proxy - forwarding does not work
  - From: Eduardo M KALINOWSKI <ekalin@gmail.com>

References:
- Transparent proxy - forwarding does not work
  - From: Eduardo M KALINOWSKI <ekalin@gmail.com>
- Re: Transparent proxy - forwarding does not work
  - From: Alex Samad <alex@samad.com.au>
- Re: Transparent proxy - forwarding does not work
  - From: Eduardo M KALINOWSKI <ekalin@gmail.com>

Prev by Date: Re: problems with mrxvt
Next by Date: Building and upgrading a package...
Previous by thread: Re: Transparent proxy - forwarding does not work
Next by thread: [SOLVED] Re: Transparent proxy - forwarding does not work
Index(es):
- Date
- Thread