Results 1 to 8 of 8

Thread: Squid3 Transparent

  1. #1
    Join Date
    Dec 2010
    Beans
    9

    Squid3 Transparent

    Hi,
    I installed squid3.
    I want to make it as transparent proxy.I looked over the internet and tryed all options.
    I edited my http port in squid.conf file
    "http_port 4880 transparent"
    Then i forwarded packets using iptables and shorewall. it dint work.

    "iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.1:4880
    iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 4880"
    eth0=internet
    eth1=local computers
    My squid is working manually when i change my proxy settings in browser

    Thanks and Regards
    Suresh

  2. #2
    Join Date
    Jul 2008
    Beans
    35
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Squid3 Transparent

    Hi, I'm no iptables expert (I do everything in shorewall) but according to this link here: http://www.faqs.org/docs/Linux-mini/...tProxy.html#s5 you want the redirect to apply to the interface the packets come in on. In your case, they come in on eth1 and out eth0.

    Code:
    iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 4880
    As far as I can tell the DNAT is not required.

  3. #3
    Join Date
    Dec 2010
    Beans
    9

    Re: Squid3 Transparent

    Hi
    I even tryed that,not working. manually working after chabging in browser.
    can you tell how to forward port in shorewall

    Thanks
    suresh

  4. #4
    Join Date
    Jul 2008
    Beans
    35
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: Squid3 Transparent

    Here is what works for me (with squid running on port 3128 ):
    Code:
    REDIRECT        loc        3128         tcp     www      -

  5. #5
    Join Date
    Apr 2009
    Location
    Costa Rica
    Beans
    255
    Distro
    Ubuntu 10.04 Lucid Lynx

    Question Re: Squid3 Transparent

    same problem here, Proxy works great but the transparency doesnt work.

    I followed the tutorial here:

    http://kuscsik.blogspot.com/2008/01/...quid-3-on.html

    Did you managed to get it working?
    Last edited by X1R1; January 21st, 2011 at 06:59 AM.
    Linux User#498977
    There are only 10 types of people in the world. Those who understand binary, and those who dont.
    My Blog about Linux and other stuff

  6. #6
    Join Date
    Oct 2008
    Beans
    10

    Re: Squid3 Transparent

    Yes even mine is not working as transparent. I also tried this http_port IP:3128 transparent but same result...
    Last edited by kashif_max; December 25th, 2011 at 11:27 AM.

  7. #7
    Join Date
    Oct 2008
    Beans
    10

    Re: Squid3 Transparent

    It's now working. I enabled packet forwarding and applied iptable rule as mentioned by furlabs...
    Last edited by kashif_max; June 9th, 2012 at 12:47 PM. Reason: addition

  8. #8
    Join Date
    Dec 2011
    Beans
    10

    Re: Squid3 Transparent

    well, I still can't get it working transparently
    I created a macro.Squid =

    #ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
    # PORT(S) PORT(S) LIMIT GROUP
    PARAM - - tcp 3128


    and using these rules I'm able to manually proxy http requests:
    Squid/ACCEPT loc $FW
    Web/ACCEPT all all


    but I've tried all kind of different configs and am still not able to get transparent proxying to work. Could someone please spell out exactly their squid/shorewall configuration that is working for transparent proxying....
    Thanks

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •