Search squid archive

[squid-users] Transparent Squid dont work. Wrong iptables rules?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

i want to use Squid 2.5Stable8 on my Debian Sarge System as a transparent 
Proxy. We've got i Firewall here (debian machine with iptables).

The idea is, that the users from the local net (172.21.0.0/16) use the 
transparent proxy.

Squid is running normal on the Proxy Machine and i've set the following 
options in squid.conf:

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

We've tried the following iptables rules on the firewall:

iptables -t nat - A PREROUTING -i "Interface for local net" -s ! 
"squid-machine" -p tcp --dport 80 -j DNAT -- "squid-machine:3128"

iptables -t nat -A POSTROUTING -o "Interface for local net" -s "172.21.0.0/16" 
-d "squid-machine" -j SNAT --to "localhost"

iptables -A FORWARD -s "172.21.0.0/16" -d "squid-machine" -i "Interface for 
local net" -o "Interface for local net" -p tcp --dport 3128 -j ACCEPT

That doesnt work. What is wrong?

Thanks for your answers

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux