On Tue, Jan 15, 2008 at 08:11:34AM -0200, Eduardo M KALINOWSKI wrote: > Alex Samad wrote: >> On Mon, Jan 14, 2008 at 05:26:17PM -0200, Eduardo M KALINOWSKI wrote: >> >>> I'm trying to setup a transparent caching proxy with Squid. I've >>> installed Squid, configured it, in particular using the line >>> http_port 3128 transparent >>> >>> The proxy is working fine. If I specify the proxy manually, I can see >>> it being used from access.log, and note the results of caching. >>> >>> However, the automatic forwarding is not working. First, I've enabled >>> forwarding with >>> echo 1 > /proc/sys/net/ipv4/ip_forward >>> >> are you only trying to capture http request from this machine ? if so you >> don't need this >> >> >>> Then, following instructions found in the internet, I've run >>> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT >>> --to-port 3128 >>> >> >> if you are only trying to capture http request from this machine (the same >> as the proxy) then you need to use the output chain > > OK, so I changed the line and ran > > iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 3128 > > This does make the requests go through the proxy. However, I can only > access objects which are already in cache. When squid needs to fetch an sounds like the problem
set tcp_outgoing_address in squid.conf, assign you box 2 addresses, 1 for normal use and the other for squid use and then setup the iptables filter to only pick up from the first > object from some server, the browser or wget stay at "Waiting connection". > Possibly the proxy's request is being again forwarded to the proxy. > > -- > There's no sense in being precise when you don't even know what you're talking > about. > -- John von Neumann > > Eduardo M KALINOWSKI > [EMAIL PROTECTED] > http://move.to/hpkb > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a > subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- "My administration has been calling upon all the leaders in the -- in the Middle East to do everything they can to stop the violence, to tell the different parties involved that peace will never happen." - George W. Bush 08/13/2001 Crawford, TX
signature.asc
Description: Digital signature
