I'll start with the pointedly easy stuff: Squid > 2.6 (tested 3.4, 3.5,
4.0 on Ubuntu Xenial, Debian Jessie, FreeSBD 11.1 using iptables, pf,
ipf, ipfilter) does not work at all, when configured as a transparent
proxy. Full stop.
I went through hundreds of posts on dozens of forums, blogs and othe
On 02/07/2018 04:11 PM, setuid wrote:
> That router has a firewall script on it that says:
> ==
> #!/bin/sh
> PROXY_IP=192.168.2.25
Yes, this is a typo here in email but is correct in the router's
firewall script.
This should be either 192.168.2.20 or 192.168.1.25; both are Sq
One stupid idiotic question.
Did you build your squid with transparent NAT support?
This is mandatory prerequisite for transparent squid.
I'm not seen your configuration options for squid. Not squid.conf. Just
./configure options.
08.02.2018 03:11, setuid пишет:
> I'll start with the pointedly
[mailto:squid-users-boun...@lists.squid-cache.org] On Behalf
Of setuid
Sent: Wednesday, February 7, 2018 10:11 PM
To: squid-users@lists.squid-cache.org
Subject: [squid-users] Squid 3.x or 4.x acting as a transparent http proxy (NOT
https)
I'll start with the pointedly easy stuff: Squid > 2.6 (te
On 02/07/2018 04:38 PM, Rafael Akchurin wrote:
> If you do not mind looking at other tutorials - these are what we have
in the test lab.
> https://docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html
> https://docs.diladele.com/tutorials/policy_based_routing_squid/index.html
Thanks for
]
Sent: Wednesday, February 7, 2018 10:45 PM
To: Rafael Akchurin ;
squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Squid 3.x or 4.x acting as a transparent http proxy
(NOT https)
On 02/07/2018 04:38 PM, Rafael Akchurin wrote:
> If you do not mind looking at other tutorials - th
On 02/07/2018 04:38 PM, Rafael Akchurin wrote:
> If you do not mind looking at other tutorials - these are what we have in the
> test lab.
> https://docs.diladele.com/tutorials/transparent_proxy_ubuntu/index.html
I can confirm that the instructions in this tutorial results in the same
exact fail
Thats strange.
How is your network configured? Your rules indicate you have 2 nics but you
later say you have one..
Best regards,
Rafael Akchurin
> Op 7 feb. 2018 om 23:31 heeft setuid het volgende
> geschreven:
>
>> On 02/07/2018 04:38 PM, Rafael Akchurin wrote:
>> If you do not mind lookin
On 2/7/18 4:31 PM, Yuri wrote:
> I'm not seen your configuration options for squid. Not squid.conf. Just
> ./configure options.
Here's what I'm building with (from 'make config' in ports tree)
'--bindir=/usr/local/sbin'
'--build=amd64-portbld-freebsd11.1'
'--datadir=/usr/local/etc/squid'
'--disab
On 2/7/18 5:37 PM, Rafael Akchurin wrote:
> How is your network configured? Your rules indicate you have 2 nics but you
> later say you have one..
Originally, I started with 1 NIC (it's a VM), and added 2 more, because
I read that pf/ipfw can't rewrite ingress packets on the same interface
it use
If you configured squid with
'--enable-ipfw-transparent'
you should use manual for ipfw configuration.
Did you used ipfw NAT configuration on same box with squid?
08.02.2018 05:14, setuid пишет:
> On 2/7/18 4:31 PM, Yuri wrote:
>> I'm not seen your configuration options for squid. Not squid.con
Squid is relatively difficult to run with transparent mode on virtual
platforms due to NAT limitations on virtual platforms (this is not
squid's issue, this is issue if virtual platforms).
I'm using squid only in transparent mode (only in transparent mode)
several years on Solaris (bare metal) wit
On 2/7/18 6:36 PM, Yuri wrote:
> Did you used ipfw NAT configuration on same box with squid?
Yes, my ipfw configuration is:
$cmd 00700 deny ip from any to any dst-port 3128 via em0
$cmd 00800 fwd 3128 tcp from 192.168.1.25 to any dst-port 80 via em0
$cmd 00820 allow ip from any to any dst-port 31
Where ipfw runs? In virtual machine, or on hypervisor?
08.02.2018 05:44, setuid пишет:
> On 2/7/18 6:36 PM, Yuri wrote:
>> Did you used ipfw NAT configuration on same box with squid?
> Yes, my ipfw configuration is:
>
> $cmd 00700 deny ip from any to any dst-port 3128 via em0
> $cmd 00800 fwd 312
On 08/02/18 12:44, setuid wrote:
> On 2/7/18 6:36 PM, Yuri wrote:
>> Did you used ipfw NAT configuration on same box with squid?
>
> Yes, my ipfw configuration is:
>
> $cmd 00700 deny ip from any to any dst-port 3128 via em0
> $cmd 00800 fwd 3128 tcp from 192.168.1.25 to any dst-port 80 via em0
>
On 08/02/18 10:11, setuid wrote:
> I'll start with the pointedly easy stuff: Squid > 2.6 (tested 3.4, 3.5,
> 4.0 on Ubuntu Xenial, Debian Jessie, FreeSBD 11.1 using iptables, pf,
> ipf, ipfilter) does not work at all, when configured as a transparent
> proxy. Full stop.
>
> I went through hundred
quid-users-boun...@lists.squid-cache.org] On Behalf
Of Amos Jeffries
Sent: Thursday, February 8, 2018 10:13
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Squid 3.x or 4.x acting as a transparent http proxy
(NOT https)
On 08/02/18 10:11, setuid wrote:
> I'll start with the
On 02/22/2018 12:29 PM, Eliezer Croitoru wrote:
> Is this issue still unresolved?
> After reading the whole thread and getting back to the first post I
really don't understand the issue.
No, unresolved. At this point, I'm firmly convinced that Squid 3.x and
later _does not_ work as a fully transpa
mailto:set...@gmail.com]
Sent: Thursday, February 22, 2018 19:58
To: Eliezer Croitoru ; 'Amos Jeffries'
Cc: 'setuid' ; squid-users@lists.squid-cache.org
Subject: Re: [squid-users] Squid 3.x or 4.x acting as a transparent http proxy
(NOT https)
On 02/22/2018 12:29 PM, Eli
19 matches
Mail list logo