Re: https not working on transparent bridge mode

[Chris Robertson <crobertson@xxxxxxx>]

Jawed Ahmed wrote:

> -------
>
>
>
>
> hi group, 
> I am facing a transparent proxying problem. 
> read through the mail archives but could not locate solution to my problem, therefore  
> this mail 
>
>
> I have the following configuration 
>
> squid 2.5 stable 12 
> iptables 1.3.5 
> fedora 5 
>
> I dont' have direct access to internet, my squid box has the ip of the router(which has  
> public IP on its other interface) as gateway and traffic from port 80 and 443 are allowed  
> on the router to the squid box. the squid box has only one network card. 
>
>
>
> I have done exactly what has been advised on the various guides and manuals.. 
> namely,  
> made the 5 changes to squid.conf,  
> added one rule in iptables to redirect port 80 traffic to port 3128 
> added one postrouting rule in iptables to masquerade for port 443 
>
> after changing the gateway ip of the clients to point to the ip of the squid box, I am able  
> to surf only the http sites. I am not able to surf the https sites. All the sites work properly  
> if I configure the browser to use the proxy on port 3128 explicitly. 
>
> In some of the pages this configuration is mentioned as the bridge configuration.  
>
> I am a linux newbie, any help to proceed forward is highly appreciated. 
>
> Jawed Ahmed 
>
>
>
>
> --  
> 9825325766 
> 079-25555625,25555634 
> jawed.ahmed@xxxxxxxxxxxxxx 
> ------- End of forwarded message -------
>  
This is not really a Squid question.  The Squid portion of your setup is 
working correctly.

That being said, have you loaded the iptable_nat module (modprobe 
iptable_nat) and made sure your box is set up to forward IP packets 
(echo 1 > /proc/sys/net/ipv4/ip_forward)?

Chris