Ricardo A wrote:
I have a server-Debian Lenny as a router-firewall-webserver with
Squid 2.7 and Apache2. Asked is: how could I configure Squid as a
transparent proxy (for the internal network) and also as accelerator
mode for the webserver??? And what would the iptables rules to output
Internet (from internal network) and to input external requests to
port 80 of web server???? Sorry, I came here because can not find
updated doc in spanish about Squid 2.7... Thanks for any help Ricardo
I assume by "transparent" you mean "NAT intercepting", based on the
mantion of iptables.
Your interception setup in iptables _should_ only be catching the port
80 traffic going from the internal clients to the Internet. Leaving
traffic coming in from the Internet, and traffic coming from the Squid
box completely untouched. You may need to add "-s $CLIENTIPS/RANGE" to
the iptables rules depending on which tutorial you followed to set it up.
The interception rules also _should_ be redirecting the traffic to some
random listening port Squid is using on the Squid box. (DO NOT use port
80 as the 'transaprent' squid receiving port for this!).
Given those two requirements for interception, add the reverse proxy
configuration to squid.conf and open port 80 for whoever to get access.
http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator
Noting that the reverse-proxy config details need to all be above the
http_access lines controlling the interception access permissions.
Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18
Current Beta Squid 3.1.0.13
