I am trying to get Squid to run as a transparent proxy on my Shorewall box. However, when ever I set up the redirect I get a Squid error message from every URL I enter. ERROR The requested URL could not be retrieved While trying to retrieve the URL: / The following error was encountered: Invalid URL I can set my browser manually to use the proxy and it works, so I am wondering where I have gone wrong. The rules I have are as follows: REDIRECT loc 3128 tcp 80 Then I have a policy $FW all ACCEPT According to the FAQ this should work. Any ideas? Thanks! ________________________________________ Chip Burke ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache''s Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
Chip Burke wrote on 20/09/2005 10:32:35:> I am trying to get Squid to run as a transparent proxy on my Shorewallbox.> However, when ever I set up the redirect I get a Squid error messagefrom> every URL I enter. > > ERROR > The requested URL could not be retrieved > > While trying to retrieve the URL: / > The following error was encountered: > Invalid URL > > > I can set my browser manually to use the proxy and it works, so I am > wondering where I have gone wrong. > > The rules I have are as follows: > > REDIRECT loc 3128 tcp 80 > > Then I have a policy > > $FW all ACCEPT > > According to the FAQ this should work. Any ideas? >Did you added the following lines to squid.conf? I know they are in the FAQs and you of course read them, but I doesn''t hurt asking... httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on because that is exactly what I''m doing here and it works... -- Eduardo Ferreira
Hrm, that did indeed work... but where did you find that information? I would like to have the info for future reference and maybe even understand why I need to enable the accelerator for basic transparent proxy functions. Thanks! ________________________________________ Chip Burke -----Original Message----- From: shorewall-users-admin@lists.sourceforge.net [mailto:shorewall-users-admin@lists.sourceforge.net] On Behalf Of Eduardo Ferreira Sent: Tuesday, September 20, 2005 9:58 AM To: shorewall-users@lists.sourceforge.net Subject: Re: [Shorewall-users] Squid and Shorewall Chip Burke wrote on 20/09/2005 10:32:35:> I am trying to get Squid to run as a transparent proxy on my Shorewallbox.> However, when ever I set up the redirect I get a Squid error message from > every URL I enter. > > ERROR > The requested URL could not be retrieved > > While trying to retrieve the URL: / > The following error was encountered: > Invalid URL > > > I can set my browser manually to use the proxy and it works, so I am > wondering where I have gone wrong. > > The rules I have are as follows: > > REDIRECT loc 3128 tcp 80 > > Then I have a policy > > $FW all ACCEPT > > According to the FAQ this should work. Any ideas? >Did you added the following lines to squid.conf? I know they are in the FAQs and you of course read them, but I doesn''t hurt asking... httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on because that is exactly what I''m doing here and it works... -- Eduardo Ferreira ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache''s Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php
On Tuesday 20 September 2005 07:57, Chip Burke wrote:> Hrm, that did indeed work... but where did you find that information? I > would like to have the info for future reference and maybe even understand > why I need to enable the accelerator for basic transparent proxy functions.At the top http://www.shorewall.net/Shorewall_Squid_Usage.html is a section entitled "Squid as a Transparent Proxy" -- you might try reading it. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Chip Burke wrote on 20/09/2005 11:57:35:> Hrm, that did indeed work... but where did you find that information? Ihmmm, let me see. I used my crystal magic ball and: - I opened my browser and typed http:/www.shorewall.net - From the main page, I clicked ''Documentation'' on the left panel. - Once I got there, I did a search and found a page named "Squid And Shorewall". - I clicked on the link and the page opens with "Squid as Transparent Proxy". There I go... jokes apart, shorewall documentation is one of the bests in the world. It has everything needed... Everything you need to do is a little search - it even has a form field that does that in the main page! cheers, -- Eduardo Ferreira
Ah, it isn''t in the Shorewall FAQ directly but in that other document. Thanks guys. ________________________________________ Chip Burke -----Original Message----- From: shorewall-users-admin@lists.sourceforge.net [mailto:shorewall-users-admin@lists.sourceforge.net] On Behalf Of Tom Eastep Sent: Tuesday, September 20, 2005 11:11 AM To: shorewall-users@lists.sourceforge.net Subject: Re: [Shorewall-users] Squid and Shorewall On Tuesday 20 September 2005 07:57, Chip Burke wrote:> Hrm, that did indeed work... but where did you find that information? I > would like to have the info for future reference and maybe even understand > why I need to enable the accelerator for basic transparent proxyfunctions. At the top http://www.shorewall.net/Shorewall_Squid_Usage.html is a section entitled "Squid as a Transparent Proxy" -- you might try reading it. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache''s Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your very own Sony(tm)PSP. Click here to play: http://sourceforge.net/geronimo.php