On Thu, Mar 01, 2007, Angela Burrell wrote: Transparent redirection: > This is the line in my firewall that redirects the HTTP requests from port > 80 to port 3328: > iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j > REDIRECT --to-port 3328 > > When I comment out this line, clients on the LAN can get through to the > Internet. When the above line is implemented, we get the following error in > all browsers, to all hosts. ERR_INVALID_REQ > > The following error was encountered: > Invalid Request > Some aspect of the HTTP Request is invalid. Possible problems: > Missing or unknown request method > Missing URL > Missing HTTP Identifier (HTTP/1.0) > Request is too large > Content-Length missing for POST or PUT requests > Illegal character in hostname; underscores are not allowed > Your cache administrator is webmaster. > > > > > Generated Wed, 28 Feb 2007 22:49:09 GMT by squid (squid/2.6.STABLE1) > > Here is my squid.conf file, hoping it will help. > ############################ > http_port 3328 You need to add 'transparent' to this line, ie: http_port 3328 transparent And make sure you've compiled squid with --enable-linux-netfilter . (And you also should upgrade, there's quite a few nasty bugs between squid-2.6.STABLE1 and Squid-2.6.STABLE9.) Adrian
