HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


sureshk89 20th December 2010 08:22

setup squid3
 
Hi
I installed squid3 on my CentOS 5.5. I tried for a transparent proxy, which didn't work for me. It's working manually after changing in the browser. My squid listens on port 4880. I have some problems with iptables, I think. I am getting the following warning when I restart squid.
lan0=internet, lan1=local.


""""""Stopping squid: ................ [ OK ]
2010/12/17 07:16:43| Processing Configuration File: /etc/squid/squid.conf (depth 0)
2010/12/17 07:16:43| Starting Authentication on port 192.168.0.1:4115
2010/12/17 07:16:43| Disabling Authentication on port 192.168.0.1:4115 (interception enabled)
2010/12/17 07:16:43| Initializing https proxy context
Starting squid: . [ OK ]""""""

My squid.conf file changes as follows
""

acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.1.60 192.168.0.0/24 # RFC1918 possible internal network

acl SSL_ports port 443 563 # https, snews
acl SSL_ports port 873 # rsync
acl SSL_ports port 443
acl Safe_ports port 110 #pop3
acl Safe_ports port 25 #smtp
acl Safe_ports port 465
acl Safe_ports port 143
acl Safe_ports port 585
acl Safe_ports port 80 # http
acl Safe_ports port 993
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 21132 #SharePoint
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow localnet
icp_access deny all
htcp_access allow localnet
htcp_access deny all
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
http_port 192.168.0.1:4880 transparent
always_direct allow all
"""
iptables rule
""iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 4880""

Anything wrong in the above? Please help.

Thanks and Regards
Suresh
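
An added example, not part of the original post: a Python check that the interception http_port line and the REDIRECT rule quoted above agree on port and listening address. The iface_addrs map (interface name to primary IPv4 address) is an assumption supplied by whoever runs the check, since the post gives no interface addresses.

```python
import shlex

# Values copied from the post; the interface-to-address map passed to
# check() is an assumption, since the post gives no interface addresses.
SQUID_CONF = "http_port 192.168.0.1:4880 transparent\n"
RULE = ("iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp "
        "--dport 80 -j REDIRECT --to-ports 4880")


def intercept_listeners(conf):
    """Return (address or None, port) for each interception-mode http_port."""
    listeners = []
    for line in conf.splitlines():
        tokens = line.split("#", 1)[0].split()
        if len(tokens) < 2 or tokens[0] != "http_port":
            continue
        if not {"transparent", "intercept"} & set(tokens[2:]):
            continue  # plain forward-proxy port, not a REDIRECT target
        addr, _, port = tokens[1].rpartition(":")
        listeners.append((addr or None, int(port)))
    return listeners


def rule_options(rule):
    """Map each iptables flag to the argument that follows it."""
    args = shlex.split(rule)
    return {a: args[i + 1] for i, a in enumerate(args[:-1]) if a.startswith("-")}


def check(conf, rule, iface_addrs):
    """Return a list of mismatches between the listener and the rule."""
    opts, findings = rule_options(rule), []
    listeners = intercept_listeners(conf)
    if (opts.get("-t"), opts.get("-A"), opts.get("-j")) != ("nat", "PREROUTING", "REDIRECT"):
        findings.append("rule is not a nat/PREROUTING REDIRECT")
    if not opts.get("--to-ports", "").isdigit():
        return findings + ["rule has no single numeric --to-ports"]
    port = int(opts["--to-ports"])
    bound = [addr for addr, p in listeners if p == port]
    if not bound:
        return findings + [f"no interception http_port listens on {port}"]
    # REDIRECT rewrites the destination to the primary address of the
    # interface the packet arrived on, so a listener bound to one address
    # only receives traffic redirected on the interface holding it.
    iface, primary = opts.get("-i"), iface_addrs.get(opts.get("-i"))
    if None not in bound and primary not in bound:
        findings.append(f"{iface} has primary address {primary}; squid is bound to {bound[0]}")
    return findings
```

Calling check(SQUID_CONF, RULE, {...}) with the real interface addresses returns an empty list when the rule and the listener line up.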

