On 18/05/2013 12:30 a.m., jimmah6786 wrote:
Is there anything else I could check to see why this still doesn't work?
Does anyone have a working example of Squid 3.3 with this type of topology?
Routing on a stick.
The wiki is pretty much the exact config I'm happily using on my own
network
bump
--
View this message in context:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-3-3-Intercept-Proxy-Traffic-routing-to-Squid-Box-Now-what-tp4660046p4660138.html
Sent from the Squid - Users mailing list archive at Nabble.com.
Is there anything else I could check to see why this still doesn't work?
Does anyone have a working example of Squid 3.3 with this type of topology?
Routing on a stick.
--
View this message in context:
Hey All, I've followed
http://wiki.squid-cache.org/ConfigExamples/Intercept/IptablesPolicyRoute
guide and have my IPTABLE Firewall correctly routing HTTP traffic. My
Firewall and Squid are different devices.
Client -- RouterA -- DMZ(Squid) -- RouterA -- Internet
I verified traffic is getting
I've tried adding
http_port 8080 intercept
http_port 8080 transparent
http_port 8080 tproxy
http_port 8080
I don't understand how squid will ever get the Datagram, because the
packets arrive with a destination IP that is not Squid's...so the upper
layers will never be passed up to Squid.
On 17/05/2013 1:04 a.m., jimmah6786 wrote:
I've tried adding
http_port 8080 intercept
http_port 8080 transparent
http_port 8080 tproxy
http_port 8080
I don't understand how squid will ever get the Datagram, because the
packets arrive with a destination IP that is not Squid's...so the upper
Yes these rules are i the -t nat table. So is it suppose to be a DNAT on the
Squid box?? Which will NAT to itself? I thought REDIRECT will only translate
the port and not touch the IP information??
Still stuck with Policy Based Routing working correctly to the squid box,
but Squid not
On 17/05/2013 2:33 a.m., jimmah6786 wrote:
Yes these rules are i the -t nat table. So is it suppose to be a DNAT on the
Squid box?? Which will NAT to itself? I thought REDIRECT will only translate
the port and not touch the IP information??
REDIRECT is a special sub-type of DNAT which allows
I just checked, and it looks like RP filter is disabled on the Squid box.
root@squidproxy:~# cat /proc/sys/net/ipv4/conf/all/rp_filter
0
root@squidproxy:~# cat /proc/sys/net/ipv4/conf/eth0/rp_filter
0
root@squidproxy:~# cat /proc/sys/net/ipv4/conf/lo/rp_filter
0
root@squidproxy:~# cat
Here's a visual of the topology
Internet---eth0--RouterA --eth1.100 --- DMZ(192.168.1.0/24)
Squid (192.168.1.5)
-- eth1.110
---ClientNet(192.168.0.0/24) ClientPC (192.168.0.150)
--
View this message in context:
Forgot to add squid.conf:
#intercept bind address
http_port 8080 intercept
Also, squid access.logs don't show anything when testing..So I fairly
certain that squid is not intercepting or taking the requests.
--
View this message in context:
11 matches
Mail list logo