Search squid archive

Re: intercept vs. accel vhost allow-direct

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,
Okay, forward proxy port updated to 3128.  This is my scenario here:

Internet <> eth0 LAN port <> Server
WIFI AP-User <> WIFI AP <> eth1 LAN port <> Server

So my AP-USER can browse HTTPS for now, but not HTTP. And Squid3 is handling
HTTP transparent proxy here. If I remove Squid3 from the scenerio, AP-USER
can browse both HTTP and HTTPS. In the server, CoovaChilli takes control of
the internal interface (eth1) using a raw promiscuous socket. It then uses
the tun0 to pass and receive packets to and from the WAN(eth0).

http_port 3128
http_port 3130 intercept

Even AP-USER can browse both http and https, if I replace the above config
with: 

http_port 3128 accel vhost allow-direct
-A PREROUTING ..... --dport 80 -j REDIRECT --to-ports 3128

It only doesn't work when I configure two-port and HTTP transparent proxy.

I tried dropping the drop rule, it doesn't work. Please check my full
iptables here: 
https://paste.grasehotspot.org/view/raw/529efd6c
<https://paste.grasehotspot.org/view/raw/529efd6c>  







--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux