Have you followed http://wiki.squid-cache.org/ConfigExamples/ and setup the forwarding, et al, correctly? Just so you know, I can build a proxy from a default debian install by following one of the examples there and transparent proxying "just" works. Adriank On Sat, Feb 09, 2008, kang ason wrote: > Dear All > I was succesfully installing squid 2.6 STABLE 18 in > debian 4.0 with > command and option bellow > ./configure --prefix=/usr/local/squid > --enable-delay-pools--enable-poll > --disable-indent-lookup --enable-truncate > --enable-cache-digests --enable-linux-netfilter > --enable-async-io=16 --enable-removal-policies\ > > ./make all > ./make install > > This server have two interfaces, eth0 to internet & > eth1 to LAN > And this is my squid.conf > > http_port 8080 transparent > acl all src 0.0.0.0/0.0.0.0 > acl manager proto cache_object > acl localhost src 127.0.0.1/32 > acl to_localhost dst 127.0.0.0/8 > acl SSL_ports port 443 > acl Safe_ports port 80 # http > acl Safe_ports port 21 # ftp > acl Safe_ports port 443 # https > acl Safe_ports port 70 # gopher > acl Safe_ports port 210 # wais > acl Safe_ports port 1025-65535 # unregistered ports > acl Safe_ports port 280 # http-mgmt > acl Safe_ports port 488 # gss-http > acl Safe_ports port 591 # filemaker > acl Safe_ports port 777 # multiling http > acl Safe_ports port 631 # cups > acl Safe_ports port 873 # rsync > acl Safe_ports port 901 # SWAT > acl purge method PURGE > acl CONNECT method CONNECT > acl apache rep_header Server ^Apache > > ## client IP Address > acl vlan10 src 192.168.10.0/24 > icp_access allow all > hierarchy_stoplist cgi-bin ? > cache_mem 64 MB > maximum_object_size_in_memory 4096 KB > memory_replacement_policy heap GDSF > cache_replacement_policy heap LFUDA > cache_dir ufs /usr/local/squid/var/cache 5000 18 256 > minimum_object_size 0 KB > maximum_object_size 51200 KB > cache_swap_low 98 > cache_swap_high 99 > access_log /usr/local/squid/var/logs/access.log squid > cache_log /dev/null > cache_store_log /dev/null > emulate_httpd_log off > log_ip_on_direct on: > mime_table /usr/local/squid/etc/mime.conf > log_mime_hdrs off > pid_filename /usr/local/squid/var/logs/squid.pid > log_fqdn off > client_netmask 255.255.255.0 > acl QUERY urlpath_regex cgi-bin \? > cache deny QUERY > refresh_pattern ^ftp: 1440 20% 10080 > refresh_pattern ^gopher: 1440 0% 1440 > refresh_pattern (cgi-bin|\?) 0 0% 0 > refresh_pattern . 0 20% 4320 > http_access deny CONNECT !SSL_ports > http_access deny !Safe_ports > http_access allow localhost > http_access allow manager localhost > http_access allow purge localhost > http_access allow vlan10 > http_access deny manager > http_access deny all > broken_vary_encoding allow apache > cache_vary on > cache_effective_user proxy > cache_mgr wifiproxy2008 > ipcache_size 2048 > ipcache_low 98 > ipcache_high 99 > fqdncache_size 2048 > coredump_dir /usr/local/squid/var/cache > visible_hostname wifi2008 > cache_effective_group proxy > always_direct allow all > store_dir_select_algorithm round-robin > extension_methods REPORT MERGE MKACTIVITY CHECKOUT > ##---- end of squid.conf ---- > Squid Running No error > > and this is my iptables for squid transparent > iptables -t nat -A PREROUTING -i eth0 -s 192.168.10.10 > -p tcp --dport 80 -j ACCEPT > iptables -t nat -A PREROUTING -i eth1 -s 192.168.10/24 > -p tcp --dport 80 -j REDIRECT --to-port 8080 > iptables -t filter -A FORWARD -i eth1 -s 192.168.10/24 > -p tcp --dport 80 -j REJECT > > what wrong with my squid.conf or iptables rules? > why transparent proxy not working, & why client must > setting using proxy in their browser if the want > using proxy > > thaks > > regards > ason > Cah Kopeng > Lereng Utara Gunung Merbabu > > > ____________________________________________________________________________________ > Never miss a thing. Make Yahoo your home page. > http://www.yahoo.com/r/hs -- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -
