Results 1 to 2 of 2
Thread: [SOLVED] Squid connection
Enjoy an ad free experience by logging in. Not a member yet? Register.
[SOLVED] Squid connection
I have a NAT running with Suse 11.3. SQUID 2.7.STABLE6, SquidGuard: 1.4 Berkeley DB 4.5.20: (July 1, 2010)
I am setting up a transparent proxy on the NAT.
If I set the proxy in the browser, SquidGuard will block blacklists and allow the rest.
If I have no setting in the browser, Squid blocks everything. - it gives an " Invalid Request" error
so Squid is running, SquidGuard is able to be used, I am able to port forward http requests
but Squid does not allow internal network passage through,
I do get the visible host name in the requesting browser so I know I have connected.
I have the default settings at the moment:
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 192.168.0.0/23 ( this is my internal test network )
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
acl shoutcast rep_header X-HTTP09-First-Line ^ICY.[0-9]
acl apache rep_header Server ^Apache
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
I notice with iptraf that there is no DNS request when you use the proxy setting in the browser where there is a request made when you do not use the proxy. The DNS server is on the outside of the network, not on the NAT. Is this something I should be looking for?
I am reading the squid.conf and checking on Google but I do not see what I am missing.
Can anyone point me to a possible solution?
thanks for your time,
Last edited by Kumado; 08-27-2010 at 06:47 PM. Reason: added information
thanks to this site :
Transparent proxy with Squid | Christian Schenk
they post on making a transparent proxy server and were kind enough to include that for ver 2.6.xx what is needed.
All I had to do was add the word "transparent" to my http_port line.