Mahmood Ahmed wrote: > > Hello All! > > I know it very well that the problem i am seeking help about is not squid > related but as i am so desperate thats why i am asking this question here. > my squid 2.5 Stable 4 is running very fine, iptables is redirecting the port > 80 to port 8080 but clients accessing https sites like hotmail and > rhn.redhat.com are not able to get through. As i am only redirecting http > traffic and allowing ip_forwarding thats why i cant understand why my clients > cant access https sites. > my iptables rule is as follow > > /usr/bin/iptables -t nat -A PREROUTING -p tcp -s 202.133.44.0/0 --dport > 80:80 -j REDIRECT --to-ports 8080 > I will be very thank full to recieve any help. > > PS: MSN messenger and yahoo messenger are working fine with squid ( no > problem of login or file transfer) >
You may be bitten by fundamental drawbacks of setups related to transp. proxying : does it work when the browser is set to use the proxy directly ? If yes, then some sites for instance check whether 'interleaving' http - https connections come from the same origin when accessing the site through authorization schemes. The more fundamental issue is that transp. proxying breaks ip host to host networking 'semantics'. Meaning http proxying should 'execute' at the app. level in the networking stack and should be kept separate and or not intervene with ip (and vice versa). M.
