On Monday 18 May 2009 10:58:43 pm Michael L Torrie wrote:
> Transparent proxying requires two things. 1. Squid must be configured
> to handle it.
Among others, you need to make sure you have this line in your squid.conf:
http_port 3128 transparent
> 2. using iptables you set up a rule in the PREROUTING (I
> think!) part of the nat tables that redirects all out-bound port 80
> traffic to a local port (or an ipaddr:port combination if the proxy is
> on a different host).
This is my iptables config in mine:
/sbin/iptables -t nat -A PREROUTING \
-i eth0 \
-s 192.168.10.0/27 \
-d ! 192.168.10.0/27 \
-p tcp \
--destination-port 80 \
-j REDIRECT --to-port $redir_port
Where $redir_port is the squid/dansguardian port to reroute traffic to [3128
for squid, 8080 for dansguardian (at least in my setup)].
--
Alberto Treviño
BYU Testing Center
Brigham Young University
--------------------
BYU Unix Users Group
http://uug.byu.edu/
The opinions expressed in this message are the responsibility of their
author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG.
___________________________________________________________________
List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
