Wednesday, December 5, 2007

How to Set Up a Transparent Proxy with Squid

Modify or add the following in the Squid configuration file (/etc/squid/squid.conf):

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
acl lan src 192.168.1.1 192.168.2.0/24
http_access allow localhost
http_access allow lan


Add the following rules to forward all HTTP requests (arriving on port 80) to the Squid server on port 3128:

[eth0 is connected to the Internet and eth1 is connected to the local LAN]

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128

2 comments:

Anonymous said...

Hi,
I can't run this command:
root@server# iptables -t nat -A PREROUTING -i eth0 -p tcp -dport 80 -j REDIRECT -to-port 3128
It returns an error:
Bad argument `80'

Nikesh Jauhari said...

OK, this should help ...

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-ports 3128

Also, if you haven't already enabled forwarding, add this to your /etc/sysctl.conf:

net.ipv4.conf.default.forwarding=1


Copying and distribution of the articles is permitted in any medium as long as the author and source are quoted.
E-mail contact: njauhari@cybage.com
All trademarks are the property of their respective owners.