Dayo Adewunmi wrote:
Hi,
We use squid on our main server and I'm trying to set up a transparent
proxy
for one user. This transparent proxy would have our main squid as its
parent,
and the user won't have to make any changes in their browser. This is
necessary,
because the user has no admin privileges on his laptop, so I can go in
there and
change his settings.
I'm using Ubuntu 8.04 on the main server and 9.04 on the transparent box.
IPs:
Main proxy: 192.168.0.1
Trans. proxy: 192.168.5.2 (eth0 - external) 10.20.0.1 (eth1 - internal)
This is my /etc/squid/squid.conf
http_port 3128 transparent
acl our_networks src 10.20.0.0/24
acl localnet src 127.0.0.1/255.255.255.255
http_access allow our_networks
http_access allow localnet
cache_peer 192.168.0.1 parent 3128 3130 proxy-only default
And then I ran these two lines in my terminal and reloaded squid.
|$ iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j
DNAT --to-destination 10.20.0.1:3128
$ iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j
REDIRECT --to-ports 3128|
No.
My user still can't access the internet with this. On my main server I
have:
/sbin/route add -net 10.0.0.0/8 gw 192.168.5.2
http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat
Amos
--
Please be using
Current Stable Squid 2.7.STABLE7 or 3.0.STABLE21
Current Beta Squid 3.1.0.15
