Search squid archive

RE: Really transparent proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Zul, we already do that... it doesn't chance anything :(

I don't remember right now how it was but, in option 1 via off, forward off, show that I'm BEHIND a proxy, but show the client ip address. Option 2: Without via and forward doesn't, but shows the squid ip address, instead the clients ip, I don't know if you understand me :(

But it was something like that :(

Tnxs to all
Facundo Vilarnovo
 

-----Mensaje original-----
De: zulkarnain [mailto:sizulku@xxxxxxxxx] 
Enviado el: Miércoles, 16 de Mayo de 2007 12:55 a.m.
Para: Facundo Vilarnovo; squid-users@xxxxxxxxxxxxxxx
Asunto: RE:  Really transparent proxy

Add this following entry to your squid.conf

via off
forwarded_for off

Regards,
Zul
--- Facundo Vilarnovo <fvilarnovo@xxxxxxxxxx> wrote:

> Here it goes!
> #####squid Conf.#####
> http_port 3128 tproxy  transparent
> hierarchy_stoplist cgi-bin ?
> acl QUERY urlpath_regex cgi-bin \?
> cache deny QUERY
> acl apache rep_header Server ^Apache
> broken_vary_encoding allow apache
> access_log /usr/local/squid/var/logs/access.log
> squid
> refresh_pattern ^ftp:		1440	20%	10080
> refresh_pattern ^gopher:	1440	0%	1440
> refresh_pattern .		0	20%	4320
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> 	acl Safe_ports port 80		# http
> 	acl Safe_ports port 21		# ftp
> 	acl Safe_ports port 443		# https
> 	acl Safe_ports port 70		# gopher
> 	acl Safe_ports port 210		# wais
> 	acl Safe_ports port 1025-65535	# unregistered ports
> 	acl Safe_ports port 280		# http-mgmt
> 	acl Safe_ports port 488		# gss-http
> 	acl Safe_ports port 591		# filemaker
> 	acl Safe_ports port 777		# multiling http
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443
> acl Safe_ports port 80		# http
> acl Safe_ports port 21		# ftp
> acl Safe_ports port 443		# https
> acl Safe_ports port 70		# gopher
> acl Safe_ports port 210		# wais
> acl Safe_ports port 1025-65535	# unregistered ports
> acl Safe_ports port 280		# http-mgmt
> acl Safe_ports port 488		# gss-http
> acl Safe_ports port 591		# filemaker
> acl Safe_ports port 777		# multiling http
> acl CONNECT method CONNECT
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> acl our_networks src 0.0.0.0/0.0.0.0
> http_access allow our_networks
> http_access deny all
> http_reply_access allow all
> icp_access allow all
> visible_hostname debian-sq
> wccp2_router XXX.XXX.XXX.XXX
>  wccp_version 4
>  wccp2_forwarding_method 1
>  wccp2_return_method 1
>  wccp2_assignment_method 1
> coredump_dir /usr/local/squid/var/cache
> ###### end of file #####
> 
> Here are the Iptables:
> squid-RC9:/usr/local/squid/etc# iptables -L -t
> tproxy
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination
>         
> TPROXY     tcp  --  anywhere             anywhere   
>         tcp dpt:www
> TPROXY redirect 0.0.0.0:3128
> TPROXY     tcp  --  anywhere             anywhere   
>         tcp dpt:www
> TPROXY redirect 0.0.0.0:80
> TPROXY     tcp  --  anywhere             anywhere   
>         tcp dpt:www
> TPROXY redirect 0.0.0.0:80
> TPROXY     tcp  --  anywhere             anywhere   
>         tcp dpt:www
> TPROXY redirect 0.0.0.0:3128
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>        
> 
> if any extra info is needed i have no problem to
> postit! 
> 
> 
> Thnxs all!!
> Facundo Vilarnovo



 
____________________________________________________________________________________
8:00? 8:25? 8:40? Find a flick in no time 
with the Yahoo! Search movie showtime shortcut.
http://tools.search.yahoo.com/shortcuts/#news


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux