--- "Adam H. Peterson" <[EMAIL PROTECTED]> wrote: > Gary Thornock wrote: >> I've done this for the last few years using Squid + >> DansGuardian, first in Linux and later in FreeBSD. It >> works very well. I did a UUG presentation about it >> a few months ago. If you think the slides from the >> presentation might be useful, they're available at >> http://www.thornock.us/presentations/dansguardian/ > > You know, I've looked on the internet for information about > setting up a transparent proxy using iptables and they all > seem to say about the same command with a few variations. > The command they say is basically what is said in this > presentation. But no matter which ones I try, when I configure > Firefox to stop using localhost:8080 as a proxy, it doesn't go > through squid and dansguardian anymore. I have no idea what > I'm doing wrong, and I don't get any error messages when I run > the iptables command. It just seems to connect directly out > anyway. > > Any suggestions? (If it helps, I'm runnig Gentoo 2006.0 with a > 2,6.15-r1 kernel.)
I've run into similar problems both times I set up a transparent proxy, and in both cases it was because I hadn't done the required Squid configuration. The following MUST be in your squid.conf, or the transparent proxy won't work: httpd_accel_host virtual httpd_accel_port 80 httpd_accel_single_host off httpd_accel_with_proxy on httpd_accel_uses_host_header on There may be other reasons for the transparent proxy to fail, but I haven't run into any of them. Disclaimer, though: I've never tried a transparent proxy with iptables. My old one used ipchains, and my current one uses pf. - Gary PGP Key ID: 071B173D Fingerprint: ED30 B048 6833 56B4 28C0 CE52 F12B 884A 071B 173D -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
