Hi all,

I hope you can help me on that problem.

I compiled squid (3.4.4) on my Debian wheezy server with the following
options:

./configure --prefix=/usr --includedir=/usr/include --datadir=/usr/share \
  --bindir=/usr/sbin --libexecdir=/usr/lib/squid --localstatedir=/var \
  --sysconfdir=/etc/squid3 --enable-ssl --enable-ssl-crtd --enable-eui \
  --enable-icap-client --with-default-user=proxy

What do we want to do?

A transparent http/https proxy for logging connections and blocking websites like
facebook (https/http).

The problem is in the access.log file. Even though my clients are directly
connected to the squid server (no router), the MAC addresses are not in the
logfile:

11/Mar/2014:16:50:09 -0300 00:00:00:00:00:00 192.162.20.2 https://packages.debian.org/Pics/gradient.png - 1037
11/Mar/2014:16:50:09 -0300 00:00:00:00:00:00 192.162.20.2 https://packages.debian.org/Pics/reddot.png packages.debian.org 918
11/Mar/2014:16:50:09 -0300 00:00:00:00:00:00 192.162.20.2 https://packages.debian.org/favicon.ico - 5454
11/Mar/2014:16:50:24 -0300 00:00:00:00:00:00 192.162.20.2 https://globalsan.net/TimeServer/timestamp.php globalsan.net 529

I can add that I have a netfilter script to NAT the connections from ports 80 and 443
to squid ports 3328 and 3329.

#!/bin/sh

# squid proxy's IP address (which is attached to eth0)
SQUID_SERVER=`ifconfig eth0 | sed -ne 's/.*inet addr:\([^ ]*\).*/\1/p'`

# interface connected to WAN
INTERNET="eth2"

# interface connected to LAN
LAN_IN="eth0"

# squid ports (plain http intercept and https intercept)
SQUID_PORT="3128"
SQUID_PORT_HTTPS="3129"

# clean old firewall
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X

# load iptables modules for NAT masquerade and IP conntrack
modprobe ip_conntrack
modprobe ip_conntrack_ftp

# define necessary redirection for incoming http traffic (e.g., 80)
iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT

# same for incoming https traffic (443)
iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 443 -j REDIRECT --to-port $SQUID_PORT_HTTPS

# forward locally generated http traffic to Squid
# (traffic from the proxy user itself is let through, otherwise it would loop)
iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner --uid-owner proxy -j ACCEPT
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports $SQUID_PORT

iptables -t nat -A OUTPUT -p tcp --dport 443 -m owner --uid-owner proxy -j ACCEPT
iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDIRECT --to-ports $SQUID_PORT_HTTPS

# forward the rest of non-http traffic
iptables --table nat --append POSTROUTING --out-interface $INTERNET -j MASQUERADE
iptables --append FORWARD --in-interface $INTERNET -j ACCEPT

# enable IP forwarding for proxy
echo 1 > /proc/sys/net/ipv4/ip_forward

The squid.conf is really too long to paste here, but I can answer any questions
about what I wrote in it.

Has anyone encountered this problem yet?
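As an added example (not from the post, the Squid project or its author), a small Python audit that parses access.log lines in the field order shown above and counts the entries whose EUI is all zeros, which is what the log shows when the MAC lookup produced nothing; it also separates clients inside the LAN segment from those beyond it, since an ARP-based lookup can only ever succeed for directly attached hosts. The logformat field order, the LAN CIDR and the sample lines are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Assumed field order of the poster's custom logformat (squid.conf was not shared):
# timestamp + offset, client MAC (%>eui), client IP, URL, host or "-", bytes.
LINE_RE = re.compile(
    r"^(?P<ts>\S+ [+-]\d{4}) (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) "
    r"(?P<ip>\S+) (?P<url>\S+) (?P<host>\S+) (?P<bytes>\d+)$",
    re.IGNORECASE,
)

# Constructed sample: lines shaped like the post's output (EUI all zeros), one
# healthy line with a made-up locally administered MAC, one off-segment client,
# and one garbage line to exercise the parser's rejection path.
SAMPLE_LOG = """\
11/Mar/2014:16:50:09 -0300 00:00:00:00:00:00 192.162.20.2 https://packages.debian.org/Pics/gradient.png - 1037
11/Mar/2014:16:50:09 -0300 00:00:00:00:00:00 192.162.20.2 https://packages.debian.org/Pics/reddot.png packages.debian.org 918
11/Mar/2014:16:50:24 -0300 00:00:00:00:00:00 192.162.20.2 https://globalsan.net/TimeServer/timestamp.php globalsan.net 529
11/Mar/2014:16:51:02 -0300 02:00:5e:10:00:01 192.162.20.7 http://example.com/ example.com 2048
11/Mar/2014:16:51:30 -0300 00:00:00:00:00:00 10.9.8.7 http://example.com/x - 77
this line is not a log entry
"""

def parse_line(line):
    """Return a dict of named fields for a well-formed line, else None."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None

def eui_missing(mac):
    """An all-zero EUI means Squid had no MAC for the client when it logged."""
    return mac.lower() == "00:00:00:00:00:00"

def audit(log_text, lan_cidr):
    """Count blank-EUI entries, split by whether the client is on the LAN
    segment (lookup could have worked) or beyond it (lookup cannot work)."""
    lan = ipaddress.ip_network(lan_cidr)
    stats = {"total": 0, "unparsed": 0, "missing_eui": 0,
             "missing_on_lan": Counter(), "missing_off_lan": Counter()}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        entry = parse_line(line)
        if entry is None:
            stats["unparsed"] += 1
            continue
        stats["total"] += 1
        if not eui_missing(entry["mac"]):
            continue
        stats["missing_eui"] += 1
        on_lan = ipaddress.ip_address(entry["ip"]) in lan
        stats["missing_on_lan" if on_lan else "missing_off_lan"][entry["ip"]] += 1
    return stats

if __name__ == "__main__":
    print(audit(SAMPLE_LOG, "192.162.20.0/24"))
```

A non-zero "missing_on_lan" count is the signal worth alarming on: those clients are on the directly attached segment, so a blank EUI there points at the proxy's lookup rather than at the topology.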
