[squid-users] Non-transparent port works, transparent doesn't

2011-10-17 Thread zozo zozo
I'm trying to make squid work as transparent proxy on CentOS, squid ver is 3.2.0.12, with ecap enabled. The problem is that squid doesn't work on transparent port and responds on non-transparent port. I've simplified configuration as possible to exclude access errors. Here's my squid.conf: http

Re: [squid-users] Non-transparent port works, transparent doesn't

2011-10-17 Thread Pieter De Wit
Hi,

Maybe I am missing it, but where is the rule to REDIRECT port 80 to 13128 in iptables?

Cheers,
Pieter

On Tue, 18 Oct 2011, zozo zozo wrote:
I'm trying to make squid work as transparent proxy on CentOS, squid ver is 3.2.0.12, with ecap enabled. The problem is that squid doesn't work o

Re: [squid-users] Non-transparent port works, transparent doesn't

2011-10-18 Thread Helmut Hullen
Hello, Pieter, you wrote on 18.10.11: [TOFU] > I understand you being upset with this, but this is a text based > client and I have limited time that I can reply to certain issues. I > thought I would give a quick insight into an error that I might have > spotted. It's quite hard to have selec

Re: [squid-users] Non-transparent port works, transparent doesn't

2011-10-18 Thread Amos Jeffries
On 18/10/11 22:57, zozo zozo wrote:
So does it mean Squid works only with NAT-ted packets? Should it not accept direct connection to the port?

No, and no. You configured this port as receiving NAT traffic, that is what Squid is expecting there. Any other traffic to this particular port is a

Re: [squid-users] Non-transparent port works, transparent doesn't

2011-10-20 Thread Amos Jeffries
On 19/10/11 23:10, zozo zozo wrote:
I.e. I can't put my transparent proxy to internet, I need it to be in same IP space as my network interface?

You can put it anywhere you like. There are only two requirements:

1) NAT happens on the same OS.
So Squid can have direct access to the N

Re[2]: [squid-users] Non-transparent port works, transparent doesn't

2011-10-17 Thread zozo zozo
Port 80 is redirected from another machine to this one's 13128. If squid worked on transparent port, it would reply to direct HTTP GET on 13128 too, it does on Ubuntu. Here squid accepts the connection but then closes it immediately.

18 October 2011, 04:05 from Pieter De Wit:
> Hi,
>
> Maybe I am

Re[4]: [squid-users] Non-transparent port works, transparent doesn't

2011-10-18 Thread zozo zozo
So does it mean Squid works only with NAT-ted packets? Should it not accept direct connection to the port? Or does it check iptables for forwarding entries? Does it mean that now intercepting squid can only work on the gateway machine? Makes little sense to me - I'm using HTTP port forwarding f

Re[2]: [squid-users] Non-transparent port works, transparent doesn't

2011-10-18 Thread zozo zozo
> > Does it mean that now intercepting squid can only work on the gateway
> > machine?
>
> No. It means that routers like yours need to be configured for policy
> routing (aka "packet forwarding") instead of NAT port mapping (aka "port
> forwarding").
>
> This config was written particularly fo

Re[4]: [squid-users] Non-transparent port works, transparent doesn't

2011-10-19 Thread zozo zozo
> > I.e. I can't put my transparent proxy to internet, I need it to be in
> > same IP space as my network interface?
>
> You can put it anywhere you like. There are only two requirements:
>
> 1) NAT happens on the same OS.
> So Squid can have direct access to the NAT data to undo the
> d

Re: Re[2]: [squid-users] Non-transparent port works, transparent doesn't

2011-10-17 Thread Amos Jeffries
On Tue, 18 Oct 2011 04:14:28 +0400, zozo zozo wrote:
Port 80 is redirected from another machine to this one's 13128. If squid worked on transparent port, it would reply to direct HTTP GET on 13128 too, it does on Ubuntu. Here squid accepts the connection but then closes it immediately.

NAT on

Re: Re[2]: [squid-users] Non-transparent port works, transparent doesn't

2011-10-18 Thread Amos Jeffries
On Tue, 18 Oct 2011 23:23:44 +0400, zozo zozo wrote:
> Does it mean that now intercepting squid can only work on the gateway machine?

No. It means that routers like yours need to be configured for policy routing (aka "packet forwarding") instead of NAT port mapping (aka "port forwarding").