Teber Özceyhan wrote:
hi all,
I've FC8 Box running as firewall-proxy.
this is my first try to run this kind of box. But there is some
problems. iptables have simply 2 basic sentence.
but Transparent proxy doesn't work
iptables 1.3.8
iptables -X
iptables -t nat -A POSTROUTING -s 192.168.2.0/24 -j MASQUERADE
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT
--toports 3128
my box has two ethernet eth1 to LAN eth0 to INTERNET
in Squid conf (Squid 2.6 STABLE 17-1.fc8)
http_port localhost:3128 transparent
always_direct allow all
squid an iptables works i think.
when a client in LAN side connect to internet with transparent proxy
there is an error. (ERROR The requested URL could not be retrieved )
if the proxy is declared manually there is no problem
what may be the problem.
Remove the 'localhost' part of the http_port config line.
The iptables documentation describing "to a local port" does NOT mean a
localhost(127.0.0.1) port.
Amos
--
Please use Squid 2.6STABLE17+ or 3.0STABLE1+
There are serious security advisories out on all earlier releases.
