Transparent Proxy & IPtables

   Hi everybody !!!

   I have one problem with my project and I would like some help.

   I'm implementing a transparent proxy in my network. I'm using
SQUID and IPtables for this.


   The scenario:
                                                    
   |----------|  eth1|----------|eth0              |------------|
   | Internet |------| Firewall |--------|---------| My Network |
   |----------|      |----------|        |         |------------|
                                         |
                                         |
                                     |-------|
                                     | SQUID |
                                     |-------|

   The idea (project):

   The users in my network must access http through squid instead of
directly.

   The rules:

     --> SQUID:

          httpd_accel_host virtual
          httpd_accel_port 80
          httpd_accel_single_host off
          httpd_accel_with_proxy on
          httpd_accel_uses_host_header on
          
     --> IPTables:

          iptables -t nat -A PREROUTING -i eth0 -s ! squid-box -p tcp --dport 80 -j DNAT --to squid-box:8080
          iptables -A FORWARD -s local-network -d squid-box -i eth0 -o eth0 -p tcp --dport 8080 -j ACCEPT


     The problem:

          The iptables changes the destination (from anywhere:80 to
squid-box:8080), but the SQUID didn't receive any packets on port 8080.
          

     Can somebody help me ?

     Thanks in advance,

              Tiago Fioreze

********************************************
*         Administrador da Rede            *
*                                          *
*     Núcleo de Ciência da Computação      *
*   Universidade Federal de Santa Maria    *
* Santa Maria - Rio Grande do Sul - Brasil *
********************************************



