opportunity
May 20th, 2008, 04:40 PM
Hi guys,
I need help getting squid to be a true transparent proxy. Like many, when I set the web browser proxy to the squid box it works fine, but not as a transparent configureless proxy. I heard it was possible to do this with only one NIC and not being directly connected to the WAN connection [packet hijacking]. Correct me if I'm wrong? Right now I only have the squid box connected to the master unmanaged switch. I'm thinking I should just use urlfilter with the current ipcop firewall we have rather than create an additional point of failure with squid.
See if there is anything I am missing if it is possible.
So far I have:
Enabled ip forwarding:
echo "1" > /proc/sys/net/ipv4/ip_forward
Set the iptables as:
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
Set the squid.conf as:
http_port 3128 transparent
always_direct allow all