Search squid archive

Transparent proxy testing from the proxy server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

I'm trying to set up squid as a transparent proxy on a Centos 4.x system.  
Unfortunately, this means the system is stuck with the default system RPM's 
(Version 2.5.STABLE6) (unless someone is making an RPM for CentOS for 4.6, 
but I could not find one.)

When I configure the server to redirect it's own requests to the squid proxy 
in the firewall (to test as I don't have access to the lan clients beind it) 
I get failed ACL:

1178066297.760      0 127.0.0.1 TCP_DENIED/403 1339 GET http://google.com/ - 
NONE/- text/html
1178066297.761      3 127.0.0.1 TCP_MISS/403 1378 GET http://google.com/ - 
DIRECT/64.233.167.99 text/html

I am wondering if anyone might have an example configuration from a CentOS 4.x 
system for a transparent squid proxy that works that I could try, or if 
anyone would be willing to take a look at my configuration and suggest what 
might be wrong.

The configuration I am using is:

hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
hosts_file /etc/hosts
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern . 0 20% 4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl lan src 64.233.167.99 192.168.1.0/24
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow all
http_access deny all
http_reply_access allow all
icp_access allow all
coredump_dir /var/spool/squid

Thanks for any help,
Leah
-- 
Leah Kubik : d416-585-9971x692 : d416-703-5977 : m416-559-6511
Frauerpower! Co. : www.frauerpower.com : Toronto, ON Canada
MSN: leah@xxxxxxxxxxxxxxx | AIM: frauerpower | Yahoo: h3inous
F9B6 FEFE 080B 8299 D7EA  1270 005C EC73 47C9 B7A6
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux