Re: Transparent proxy - forwarding does not work

To: debian-user@lists.debian.org
Subject: Re: Transparent proxy - forwarding does not work
From: "Mihira Fernando" <mihiratheace@gmail.com>
Date: Thu, 17 Jan 2008 14:37:58 +0000
Message-id: <[🔎] a428046f0801170637u2fc70e4ak90cf82d3c8ad1c0d@mail.gmail.com>
In-reply-to: <[🔎] 478BB759.4000000@gmail.com>
References: <[🔎] 478BB759.4000000@gmail.com>

On Jan 14, 2008 7:26 PM, Eduardo M KALINOWSKI <ekalin@gmail.com> wrote:
>
>     I'm trying to setup a transparent caching proxy with Squid. I've
> installed Squid, configured it, in particular using the line
> http_port 3128 transparent
>
>     The proxy is working fine. If I specify the proxy manually, I can
> see it being used from access.log, and note the results of caching.
>
>     However, the automatic forwarding is not working. First, I've
> enabled forwarding with
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
>     Then, following instructions found in the internet, I've run
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
> --to-port 3128
> to setup automatic forwarding of http requests. The command runs fine,
> and the rule is added:
> # iptables -t nat -L
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
> REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:www
> redir ports 3128
>
> Chain POSTROUTING (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
>     However, the forwarding simply does not happen. Requests do not pass
> through the proxy, everything works as before.
>
>     Is there anything that is missing?
>
>     Kernel is linux-image-2.6.22-2-amd64, version 2.6.22-4 . Now I'm
> using squid3 version 3.0.STABLE1-1, but I've also tried with squid
> 2.6.17-1, and the results are the same.
>
> Thanks in advance,
>
> --
> History repeats itself.  That's one thing wrong with history.
>
> Eduardo M KALINOWSKI
> ekalin@gmail.com
> http://move.to/hpkb
>

I have the almost exact setup with Squid 2.6 and it works fine. One
point though, I have 2 network interfaces, eth0 for internet and eth1
for LAN.

Squid listens only on eth1 and loop back on transparent mode.

http_port my.lan.ip:3128 transparent
http_port 127.0.0.1:3128 transparent

Mihira.

-- 
Random Quotes From Megas XLR
Coop: You see? The mysteries of the Universe are revealed when you break stuff.
Jamie: When in doubt, blow up a planet.
Kiva: It's an 80 foot robot, if we can't see it, absolutely it's not here.
Glorft Technician: Unnecessary use of force in capturing the Earthers
has been approved.

Reply to:

Follow-Ups:
- Re: Transparent proxy - forwarding does not work
  - From: "Mihira Fernando" <mihiratheace@gmail.com>

References:
- Transparent proxy - forwarding does not work
  - From: Eduardo M KALINOWSKI <ekalin@gmail.com>

Prev by Date: Re: Movies, household network and 54g limits... (maybe...)
Next by Date: Re: Transparent proxy - forwarding does not work
Previous by thread: Re: [SOLVED] Re: Transparent proxy - forwarding does not work
Next by thread: Re: Transparent proxy - forwarding does not work
Index(es):
- Date
- Thread