Search squid archive

Transparent Proxy not working on FC3 with Squid2.5 Stable 11

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

hey friends,

I am trying to configure Squid Transparent Proxy on FC3 and the squid
version is Squid 2.5 Stable 11. I am testing the scenario on 2
machines. The 1st machine is the FC3 and it has got 2 lan cards

eth0:   192.168.1.125/24
eth1:   192.168.2.126/24

Another machine is having only one LAN Card running Windows XP

eth0:  192.168.2.88/24

I added these lines for transparent proxy in squid.conf
http_port 3128  (by default)
httpd_accel_port 80
httpd_accel_host virtual
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

I have also added these lines to squid.conf

acl mynetwork src 192.168.1.125
acl mynetwork1 src 192.168.2.0/24
http_access allow mynetwork
http_access allow mynetwork1

Configured iptables to redirect the request to the proxy from the
domain 192.168.2.0 to port 3128

iptables -t nat -A PREROUTING -i eth1 -s 192.168.2.0/24 -p tcp --dport
80 -j REDIRECT --to-port 3128

iptables -t nat -nvL  ---> shows the nat entries in iptables

Chain PREROUTING (policy ACCEPT 1383 packets, 235K bytes)
pkts bytes target     prot opt in     out     source               destination
   0     0 REDIRECT   tcp  --  eth1   *       192.168.2.0/24
0.0.0.0/0           tcp dpt:80 redir ports 3128

Chain POSTROUTING (policy ACCEPT 9798 packets, 335K bytes)
pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 9798 packets, 335K bytes)
pkts bytes target     prot opt in     out     source               destination

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0


sysctl -p

net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1

I am not able to browse from the 192.168.2.0 domain. I have
a machine whose ip address is 192.168.2.88 and the gateway of this
machine is 192.168.2.126( eth1 on FC3).

I can ping 192.168.2.88 to 192.168.2.126 and from 192.168.2.126 to
192.168.2.88  but from 192.168.2.88 I am not able to browse the
internet.

If I configure proxy settings for any client in 192.168.1.0/24 domain
it works fine. I am not able to configure transparent proxy for the
test machine.

Any pointers what wrong I am doing ?

Thanks & Regards
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux