Re: [squid-users] WARNING: Disk space over limit
12.07.2017 4:34, Yuri пишет: > > 12.07.2017 3:25, Eliezer Croitoru пишет: >> Hey, >> >> If you are using a single process ie not SMP(default) use aufs instead of >> diskd cache_dir. >> It's much more stable and efficient then diskd(to my knowledge). > Not sure about you knowledge. Diskd is simple designed for another OS > than Linux. On appropriate platform it is not only stable, but quite > efficient than aufs. :) >> Eliezer >> >> >> Eliezer Croitoru >> Linux System Administrator >> Mobile: +972-5-28704261 >> Email: elie...@ngtech.co.il >> >> >> >> -Original Message- >> From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On >> Behalf Of erdosain9 >> Sent: Tuesday, July 11, 2017 17:25 >> To: squid-users@lists.squid-cache.org >> Subject: [squid-users] WARNING: Disk space over limit >> >> Hi to all. >> Im having this warning >> >> 2017/07/11 11:37:44 kid1| WARNING: Disk space over limit: 17241692.00 KB > >> 1536 KB >> 2017/07/11 11:37:56 kid1| WARNING: Disk space over limit: 16800692.00 KB > >> 1536 KB >> 2017/07/11 11:38:07 kid1| WARNING: Disk space over limit: 16466860.00 KB > >> 1536 KB >> 2017/07/11 11:38:19 kid1| WARNING: Disk space over limit: 16152960.00 KB > >> 1536 KB >> 2017/07/11 11:38:30 kid1| WARNING: Disk space over limit: 15905772.00 KB > >> 1536 KB >> 2017/07/11 11:38:41 kid1| WARNING: Disk space over limit: 15664684.00 KB > >> 1536 KB >> 2017/07/11 11:38:52 kid1| WARNING: Disk space over limit: 15499404.00 KB > >> 1536 KB >> >> >> Why is this happening?? why is over limit?? >> >> [root@squid ~]# df -h >> S.ficheros Tamaño Usados Disp Uso% Montado en >> /dev/mapper/centos-root48G17G 31G 36% / >> devtmpfs 1,9G 0 1,9G 0% /dev >> tmpfs 1,9G 2,1M 1,9G 1% /dev/shm >> tmpfs 1,9G 8,5M 1,9G 1% /run >> tmpfs 1,9G 0 1,9G 0% /sys/fs/cgroup >> /dev/sda1 497M 143M 355M 29% /boot >> tmpfs 380M 0 380M 0% /run/user/0 > Where's the /var mountpoint? > >> SQUID.CONF >> >> cache_dir diskd /var/spool/squid 15000 16 256 > You specified 15000 megabytes for cache. So, reasonable > > WARNING: Disk space over limit: 17241692.00 KB > > 1536 KB > > Squid tries to save more than you specified. >> cache_mem 1000 MB >> maximum_object_size_in_memory 1 MB >> >> cache_swap_low 90 >> cache_swap_high 95 > and if you take a look onto your swap_hi/low values you can see it's not > do replacement to the end of specified store limit. >> Yes, it is over cache_dir... but why?? and how i correct this? > Try to do two things. First - increase cache_dir formal size. Second - > return > > cache_swap_low > > to it's default value. > > Because of "Premature optimization is root of all evils". Ops, it default value is 90 :) My bad, too much nightly work :) Well. Let's read squid.conf.documented: # TAG: cache_swap_low(percent, 0-100) #The low-water mark for AUFS/UFS/diskd cache object eviction by #the cache_replacement_policy algorithm. # #Removal begins when the swap (disk) usage of a cache_dir is #above this low-water mark and attempts to maintain utilization #near the low-water mark. # #As swap utilization increases towards the high-water mark set #by cache_swap_high object eviction becomes more agressive. # #The value difference in percentages between low- and high-water #marks represent an eviction rate of 300 objects per second and #the rate continues to scale in agressiveness by multiples of #this above the high-water mark. # #Defaults are 90% and 95%. If you have a large cache, 5% could be #hundreds of MB. If this is the case you may wish to set these #numbers closer together. # #See also cache_swap_high and cache_replacement_policy Eviction starts when you cache achieves cache_swap_low. So, may be you traffic is more than squid can be replaced between 90 and 95%. So, you can try to decrease cache_swap_low. Or, review your caching policy to be less aggressive. Or, increase cache_dir limit. Or all together. > >> >> >> -- >> View this message in context: >> http://squid-web-proxy-cache.1019090.n4.nabble.com/WARNING-Disk-space-over-limit-tp4683055.html >> Sent from the Squid - Users mailing list archive at Nabble.com. >> ___ >> squid-users mailing list >> squid-users@lists.squid-cache.org >> http://lists.squid-cache.org/listinfo/squid-users >> >> ___ >> squid-users mailing list >> squid-users@lists.squid-cache.org >> http://lists.squid-cache.org/listinfo/squid-users > signature.asc Description: OpenPGP digital signature ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] WARNING: Disk space over limit
12.07.2017 3:25, Eliezer Croitoru пишет: > Hey, > > If you are using a single process ie not SMP(default) use aufs instead of > diskd cache_dir. > It's much more stable and efficient then diskd(to my knowledge). Not sure about you knowledge. Diskd is simple designed for another OS than Linux. On appropriate platform it is not only stable, but quite efficient than aufs. :) > > Eliezer > > > Eliezer Croitoru > Linux System Administrator > Mobile: +972-5-28704261 > Email: elie...@ngtech.co.il > > > > -Original Message- > From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On > Behalf Of erdosain9 > Sent: Tuesday, July 11, 2017 17:25 > To: squid-users@lists.squid-cache.org > Subject: [squid-users] WARNING: Disk space over limit > > Hi to all. > Im having this warning > > 2017/07/11 11:37:44 kid1| WARNING: Disk space over limit: 17241692.00 KB > > 1536 KB > 2017/07/11 11:37:56 kid1| WARNING: Disk space over limit: 16800692.00 KB > > 1536 KB > 2017/07/11 11:38:07 kid1| WARNING: Disk space over limit: 16466860.00 KB > > 1536 KB > 2017/07/11 11:38:19 kid1| WARNING: Disk space over limit: 16152960.00 KB > > 1536 KB > 2017/07/11 11:38:30 kid1| WARNING: Disk space over limit: 15905772.00 KB > > 1536 KB > 2017/07/11 11:38:41 kid1| WARNING: Disk space over limit: 15664684.00 KB > > 1536 KB > 2017/07/11 11:38:52 kid1| WARNING: Disk space over limit: 15499404.00 KB > > 1536 KB > > > Why is this happening?? why is over limit?? > > [root@squid ~]# df -h > S.ficheros Tamaño Usados Disp Uso% Montado en > /dev/mapper/centos-root48G17G 31G 36% / > devtmpfs 1,9G 0 1,9G 0% /dev > tmpfs 1,9G 2,1M 1,9G 1% /dev/shm > tmpfs 1,9G 8,5M 1,9G 1% /run > tmpfs 1,9G 0 1,9G 0% /sys/fs/cgroup > /dev/sda1 497M 143M 355M 29% /boot > tmpfs 380M 0 380M 0% /run/user/0 Where's the /var mountpoint? > > SQUID.CONF > > cache_dir diskd /var/spool/squid 15000 16 256 You specified 15000 megabytes for cache. So, reasonable WARNING: Disk space over limit: 17241692.00 KB > 1536 KB Squid tries to save more than you specified. > cache_mem 1000 MB > maximum_object_size_in_memory 1 MB > > cache_swap_low 90 > cache_swap_high 95 and if you take a look onto your swap_hi/low values you can see it's not do replacement to the end of specified store limit. > > Yes, it is over cache_dir... but why?? and how i correct this? Try to do two things. First - increase cache_dir formal size. Second - return cache_swap_low to it's default value. Because of "Premature optimization is root of all evils". > > > > -- > View this message in context: > http://squid-web-proxy-cache.1019090.n4.nabble.com/WARNING-Disk-space-over-limit-tp4683055.html > Sent from the Squid - Users mailing list archive at Nabble.com. > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users > > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users signature.asc Description: OpenPGP digital signature ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] WARNING: Disk space over limit
Hey, If you are using a single process ie not SMP(default) use aufs instead of diskd cache_dir. It's much more stable and efficient then diskd(to my knowledge). Eliezer Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: elie...@ngtech.co.il -Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of erdosain9 Sent: Tuesday, July 11, 2017 17:25 To: squid-users@lists.squid-cache.org Subject: [squid-users] WARNING: Disk space over limit Hi to all. Im having this warning 2017/07/11 11:37:44 kid1| WARNING: Disk space over limit: 17241692.00 KB > 1536 KB 2017/07/11 11:37:56 kid1| WARNING: Disk space over limit: 16800692.00 KB > 1536 KB 2017/07/11 11:38:07 kid1| WARNING: Disk space over limit: 16466860.00 KB > 1536 KB 2017/07/11 11:38:19 kid1| WARNING: Disk space over limit: 16152960.00 KB > 1536 KB 2017/07/11 11:38:30 kid1| WARNING: Disk space over limit: 15905772.00 KB > 1536 KB 2017/07/11 11:38:41 kid1| WARNING: Disk space over limit: 15664684.00 KB > 1536 KB 2017/07/11 11:38:52 kid1| WARNING: Disk space over limit: 15499404.00 KB > 1536 KB Why is this happening?? why is over limit?? [root@squid ~]# df -h S.ficheros Tamaño Usados Disp Uso% Montado en /dev/mapper/centos-root48G17G 31G 36% / devtmpfs 1,9G 0 1,9G 0% /dev tmpfs 1,9G 2,1M 1,9G 1% /dev/shm tmpfs 1,9G 8,5M 1,9G 1% /run tmpfs 1,9G 0 1,9G 0% /sys/fs/cgroup /dev/sda1 497M 143M 355M 29% /boot tmpfs 380M 0 380M 0% /run/user/0 SQUID.CONF cache_dir diskd /var/spool/squid 15000 16 256 cache_mem 1000 MB maximum_object_size_in_memory 1 MB cache_swap_low 90 cache_swap_high 95 Yes, it is over cache_dir... but why?? and how i correct this? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/WARNING-Disk-space-over-limit-tp4683055.html Sent from the Squid - Users mailing list archive at Nabble.com. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Does squid generates/adds additional HTTP headers?
On 07/11/2017 01:00 PM, avi_h wrote: > I want to configure Squid to make some server(s) think that the > request is coming directly from a user agent (e.g., browser). > However, I don't know what those servers use to detect proxies, Understood. We are still where we used to be then: Without a known detection vector, it is impossible to recommend a specific solution (or to declare the problem unsolvable). > any idea on how I can figure it out? I can suggest two complementary approaches: * Experimentation: Send HTTP requests using some highly-configurable client tool and vary header composition to move from a "browser request" to "Squid request", one header (or group of headers) at a time. One may be able to reverse engineer (parts of) the server algorithm this way. * Asking specific questions: Ask about specific servers your Squid does not work with. Perhaps others (on this or other mailing lists) know more about those servers. You already got a response from Sonya Roy indicating that some Squid modifications helped them. Perhaps Sonya Roy and/or others know about your servers as well. > Ideally, I would like to find a solution that would fit all (or the most > popular) detection mechanisms, if that's possible. I do not know what all (or the most popular) detection mechanisms are so I cannot answer this question, but perhaps others on this list can. Needless to say, if you succeed, then once those servers discover that their detection mechanism stopped working, they are likely to change it. This is why we can't have nice things, Alex. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Does squid generates/adds additional HTTP headers?
Hi Alex, Thanks for this. I can narrow it down, as you mentioned, I want to configure Squid to make some server(s) think that the request is coming directly from a user agent (e.g., browser). However, I don't know what those servers use to detect proxies, any idea on how I can figure it out? Ideally, I would like to find a solution that would fit all (or the most popular) detection mechanisms, if that's possible. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Does-squid-generates-adds-additional-HTTP-headers-tp4683050p4683062.html Sent from the Squid - Users mailing list archive at Nabble.com. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Does squid generates/adds additional HTTP headers?
As Alex mentioned its not possible to do with squid. I modified the squid source code to do this a month ago. Its not hard to do, you will only need to modify http.cc and client_side.cc a bit. On Tue, Jul 11, 2017 at 9:42 PM, Alex Rousskov < rouss...@measurement-factory.com> wrote: > On 07/10/2017 05:52 PM, avi_h wrote: > > > I'm trying to get squid to use the same headers as it received (to make > it > > more transparent) > > To improve your chances of arriving at a usable solution (or quickly > abandoning a futile search), I suggest detailing/narrowing your goal: > "Make it more transparent" to whom and in what way? What specific > problems are you trying to solve? For example: > > * Do you want to configure Squid to become invisible to a knowledgeable > human observer? > > * Do you want to configure Squid to make some server(s) think that the > request is coming directly from a user agent (e.g., browser)? What do > those servers use to detect proxies now? > > Etc. etc. You probably know exactly what you need to achieve. Narrow it > down for us as much as possible. > > > > After looking up online I configured the following: > > > > request_header_access Cache-Control deny all > > Denying general-purpose headers makes no sense if you want Squid to > forward as many original headers as possible. Yes, Squid may generate > new Cache-Control headers but that does not mean that Squid does not > forward client Cache-Control headers as well. The task of preserving > original headers may feel trivial to you, but the actual complexity of > what you are asking is one of the reasons we need you to come up with a > narrower goal. > > > > Is there any way to have squid generate the exact same headers as it > > received? > > No. However, you probably do not actually need that. You probably need > something else that Squid may be able to do (with or without code > modifications). > > Alex. > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users > ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Squid as gateway
May be this will be of any help - https://docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html -Original Message- From: squid-users [mailto:squid-users-boun...@lists.squid-cache.org] On Behalf Of erdosain9 Sent: Tuesday, July 11, 2017 5:41 PM To: squid-users@lists.squid-cache.org Subject: Re: [squid-users] Squid as gateway Ok Yuri, im re re re reading... :-) And probe another configs, like this http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect and nothing, i dont get where i fail. Squid, it is config in interception mode. cache.log 2017/07/11 14:15:43 kid1| Accepting HTTP Socket connections at local=[::]:3128 remote=[::] FD 14 flags=9 2017/07/11 14:15:43 kid1| Accepting NAT intercepted HTTP Socket connections at local=[::]:3129 remote=[::] FD 15 flags=41 So. yes, yes, i keep reading. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-as-gateway-tp4683022p4683058.html Sent from the Squid - Users mailing list archive at Nabble.com. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Does squid generates/adds additional HTTP headers?
On 07/10/2017 05:52 PM, avi_h wrote: > I'm trying to get squid to use the same headers as it received (to make it > more transparent) To improve your chances of arriving at a usable solution (or quickly abandoning a futile search), I suggest detailing/narrowing your goal: "Make it more transparent" to whom and in what way? What specific problems are you trying to solve? For example: * Do you want to configure Squid to become invisible to a knowledgeable human observer? * Do you want to configure Squid to make some server(s) think that the request is coming directly from a user agent (e.g., browser)? What do those servers use to detect proxies now? Etc. etc. You probably know exactly what you need to achieve. Narrow it down for us as much as possible. > After looking up online I configured the following: > > request_header_access Cache-Control deny all Denying general-purpose headers makes no sense if you want Squid to forward as many original headers as possible. Yes, Squid may generate new Cache-Control headers but that does not mean that Squid does not forward client Cache-Control headers as well. The task of preserving original headers may feel trivial to you, but the actual complexity of what you are asking is one of the reasons we need you to come up with a narrower goal. > Is there any way to have squid generate the exact same headers as it > received? No. However, you probably do not actually need that. You probably need something else that Squid may be able to do (with or without code modifications). Alex. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Squid as gateway
Ok Yuri, im re re re reading... :-) And probe another configs, like this http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxRedirect and nothing, i dont get where i fail. Squid, it is config in interception mode. cache.log 2017/07/11 14:15:43 kid1| Accepting HTTP Socket connections at local=[::]:3128 remote=[::] FD 14 flags=9 2017/07/11 14:15:43 kid1| Accepting NAT intercepted HTTP Socket connections at local=[::]:3129 remote=[::] FD 15 flags=41 So. yes, yes, i keep reading. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-as-gateway-tp4683022p4683058.html Sent from the Squid - Users mailing list archive at Nabble.com. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Squid as gateway
Squid should be configured and built with interception support. Re-read more carefully. 11.07.2017 21:26, erdosain9 пишет: > Thanks > Yes, im looking the wiki and follow this > http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat > > And, it is not working. Nothing it is going to squid. > > I can go to internet because > > # Controls IP packet forwarding > net.ipv4.ip_forward = 1 > > but, nothing throug squid. > > What can be? Another wiki??? > > > > -- > View this message in context: > http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-as-gateway-tp4683022p4683056.html > Sent from the Squid - Users mailing list archive at Nabble.com. > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users signature.asc Description: OpenPGP digital signature ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Squid as gateway
Thanks Yes, im looking the wiki and follow this http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat And, it is not working. Nothing it is going to squid. I can go to internet because # Controls IP packet forwarding net.ipv4.ip_forward = 1 but, nothing throug squid. What can be? Another wiki??? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-as-gateway-tp4683022p4683056.html Sent from the Squid - Users mailing list archive at Nabble.com. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
[squid-users] WARNING: Disk space over limit
Hi to all. Im having this warning 2017/07/11 11:37:44 kid1| WARNING: Disk space over limit: 17241692.00 KB > 1536 KB 2017/07/11 11:37:56 kid1| WARNING: Disk space over limit: 16800692.00 KB > 1536 KB 2017/07/11 11:38:07 kid1| WARNING: Disk space over limit: 16466860.00 KB > 1536 KB 2017/07/11 11:38:19 kid1| WARNING: Disk space over limit: 16152960.00 KB > 1536 KB 2017/07/11 11:38:30 kid1| WARNING: Disk space over limit: 15905772.00 KB > 1536 KB 2017/07/11 11:38:41 kid1| WARNING: Disk space over limit: 15664684.00 KB > 1536 KB 2017/07/11 11:38:52 kid1| WARNING: Disk space over limit: 15499404.00 KB > 1536 KB Why is this happening?? why is over limit?? [root@squid ~]# df -h S.ficheros Tamaño Usados Disp Uso% Montado en /dev/mapper/centos-root48G17G 31G 36% / devtmpfs 1,9G 0 1,9G 0% /dev tmpfs 1,9G 2,1M 1,9G 1% /dev/shm tmpfs 1,9G 8,5M 1,9G 1% /run tmpfs 1,9G 0 1,9G 0% /sys/fs/cgroup /dev/sda1 497M 143M 355M 29% /boot tmpfs 380M 0 380M 0% /run/user/0 SQUID.CONF cache_dir diskd /var/spool/squid 15000 16 256 cache_mem 1000 MB maximum_object_size_in_memory 1 MB cache_swap_low 90 cache_swap_high 95 Yes, it is over cache_dir... but why?? and how i correct this? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/WARNING-Disk-space-over-limit-tp4683055.html Sent from the Squid - Users mailing list archive at Nabble.com. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Squid as gateway
Feel free to take a look inside wiki: http://wiki.squid-cache.org/SquidFaq/InterceptionProxy http://wiki.squid-cache.org/ConfigExamples/Intercept 11.07.2017 19:35, erdosain9 пишет: > Hi, and thanks. > Maybe i dont explain well. > I just want this: > > WanRouter---Squid-switch--PC > > I want to declare in "PC" IP, MASK, AND GATEWAY, instead of the WanRouter, i > want that PC have for gateway the ip of the Squid. > > I do this by now. > > sudo iptables -A PREROUTING -t nat -s 192.168.1.0/24 -p tcp --dport 80 -j > REDIRECT --to-port 3128 > > [root@squid ~]# iptables -L -n > Chain INPUT (policy ACCEPT) > target prot opt source destination > ACCEPT tcp -- 0.0.0.0/00.0.0.0/0tcp dpt:3128 > ACCEPT tcp -- 0.0.0.0/00.0.0.0/0tcp dpt:443 > ACCEPT tcp -- 0.0.0.0/00.0.0.0/0tcp dpt:80 > ACCEPT all -- 0.0.0.0/00.0.0.0/0state > RELATED,ESTABLISHED > ACCEPT icmp -- 0.0.0.0/00.0.0.0/0 > ACCEPT all -- 0.0.0.0/00.0.0.0/0 > ACCEPT tcp -- 0.0.0.0/00.0.0.0/0state NEW tcp > dpt:22 > REJECT all -- 0.0.0.0/00.0.0.0/0reject-with > icmp-host-prohibited > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > REJECT all -- 0.0.0.0/00.0.0.0/0reject-with > icmp-host-prohibited > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > > iptables -t nat --line-numbers -L > Chain PREROUTING (policy ACCEPT) > num target prot opt source destination > 1REDIRECT tcp -- 192.168.1.0/24 anywhere tcp > dpt:http redir ports 3128 > > > And in squid.conf > i have > http 192.168.1.35:3128 intercept > > But... this is not working... so > Can anyone give me a hand? > > Thanks to all. > > > > > > -- > View this message in context: > http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-as-gateway-tp4683022p4683053.html > Sent from the Squid - Users mailing list archive at Nabble.com. > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users signature.asc Description: OpenPGP digital signature ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] Squid as gateway
Hi, and thanks. Maybe i dont explain well. I just want this: WanRouter---Squid-switch--PC I want to declare in "PC" IP, MASK, AND GATEWAY, instead of the WanRouter, i want that PC have for gateway the ip of the Squid. I do this by now. sudo iptables -A PREROUTING -t nat -s 192.168.1.0/24 -p tcp --dport 80 -j REDIRECT --to-port 3128 [root@squid ~]# iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- 0.0.0.0/00.0.0.0/0tcp dpt:3128 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0tcp dpt:443 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0tcp dpt:80 ACCEPT all -- 0.0.0.0/00.0.0.0/0state RELATED,ESTABLISHED ACCEPT icmp -- 0.0.0.0/00.0.0.0/0 ACCEPT all -- 0.0.0.0/00.0.0.0/0 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0state NEW tcp dpt:22 REJECT all -- 0.0.0.0/00.0.0.0/0reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- 0.0.0.0/00.0.0.0/0reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination iptables -t nat --line-numbers -L Chain PREROUTING (policy ACCEPT) num target prot opt source destination 1REDIRECT tcp -- 192.168.1.0/24 anywhere tcp dpt:http redir ports 3128 And in squid.conf i have http 192.168.1.35:3128 intercept But... this is not working... so Can anyone give me a hand? Thanks to all. -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-as-gateway-tp4683022p4683053.html Sent from the Squid - Users mailing list archive at Nabble.com. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users