Thanks all for the help. Amos, the following worked like a charm and thanks so
much:
Once that's working you can then go on to catch other common web server
evasion ports (81, 87, 88, 8000, 8080, 8081, 8181, , 3128, 1080, 2080)
Redirecting just port 80 wasn't accomplishing anything. Are
Well, I solved my DNS problems. BIND was in fact killing squid with its errors
(IPC can be a PITA sometimes). pdnsd is working great.
I have verified that the 3128 redirect command is working. Accessing the server
from a Linux client with lynx shows the hits in cache.log. lynx follows the
Thanks so much for the replies. I haven't had a chance to test whether the:
iptables -t nat -A PREROUTING -i $LAN -p tcp --dport 80 -j ACCEPT
will solve my interception problem yet. I worked on the server for a few days
while it was down and have new and bigger problems now. Where's the nearest
I'm serving in Iraq, where bandwidth is low and DNS servers are thousands of
miles away. squid is a great solution for my unit.
I set up squid-3.0-STABLE8 behind SNAT to do interception caching with the
standard:
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port