Thanks! That would indeed cover the first issue :-) I initially used
redirect because somewhere I read that it's not a good idea forwarding
the traffic directly to the port where squid listens and it should be
pointed to another port instead and then redirected. However, working as
this, it would be enough to set a firewall policy to permit just the
client range of IPs. Let's see whether I can solve the second issue too...
Regards!
El 15/07/2014 21:21, babajaga escribió:
Regarding first issue:
Have a look here for a correct solution:
http://wiki.squid-cache.org/ConfigExamples/Intercept/AtSource
#Example for squid and NAT on same machine:
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination
SQUIDIP:3128
#Replace SQUIDIP with the public IP which squid may use for its listening
port and outbound connections.
You are redirecting port 8080 ... That means, you have a proxy explicitly
set up in the brwoser.
DO not do this for transparent squid. That's the purpose of the steup :-)
--
View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/Three-questions-about-Squid-configuration-tp4666931p4666933.html
Sent from the Squid - Users mailing list archive at Nabble.com.