On 21.03.2012 06:36, Zhu, Shan wrote:
Hi, Gareth and others,
My situation is like part of you said, I am using the proxy server as
a "gateway" and the clients are not aware of it.
I am setting the squid to run on port 80, with only this
configuration.
***
http_port 80 transparent
***
For experiment, I have no rules in IP tables, and it's turned off.
You sure about that? somehow packets from client are being NAT'd to
arrive at Squids IP address.
When they leave the client they say something like "destination
10.0.0.4:80" and for squid to pick them up they have to say something
like "destination 127.0.0.1:80" (or any of the IP addresses assigned to
the Squid box).
It's basically working, at least for HTTP for now.
Please also check this post:
http://www.deckle.co.za/squid-users-guide/Transparent_Caching/Proxy
As opposed to the wiki maintained by the Squid authors:
http://wiki.squid-cache.org/ConfigExamples/Intercept/LinuxDnat
From: GarethC
If you set your Squid server to run on port 80, you could still run
it as a transparent proxy, you would still need to do the port
forwarding from your firewall to the Squid server.
such as:
iptables ... --dport 80 -j DNAT --to $SQUIDIP:80
Amos
