thr3ads.net - Shorewall users - [Shorewall-users] Transparent proxy with Squid [Oct 2002]

If this information is useful, please help other people find it:
Share via:

Jason Yap

2002-Oct-14 05:03 UTC

[Shorewall-users] Transparent proxy with Squid

I''ve been scrolling thru the FAQ and mailing list but still
couldn''t
find any clues on redirecting HTTP traffic to squid which resides on
another machine, any idea?
 
Thanks
 
Jason

Craig Zilko

2002-Oct-14 08:32 UTC

head link

[Shorewall-users] Transparent proxy with Squid

Jason

I added the following line at the end of the /etc/shorewall/common.def

run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT=20
--to-port 3128

and restarted shorewall and it worked for me .... I don''t know if this
is the=20
correct answer - but I find if it works, leave it alone :)

On Mon, 14 Oct 2002 13:03, Jason Yap wrote:> I''ve been scrolling thru the FAQ and mailing list but still
couldn''t
> find any clues on redirecting HTTP traffic to squid which resides on
> another machine, any idea?
>
> Thanks
>
> Jason
--=20
Cheers,
=09Craig.

Mandrake Linux 9.0
Kernel version: 2.4.19-16mdk
Current Linux Uptime: 1 day 8 hours 47 minutes.
Registered Linux User: 228534

Tom Eastep

2002-Oct-14 12:50 UTC

head link

[Shorewall-users] Transparent proxy with Squid

Craig Zilko wrote:> Jason
> 
> I added the following line at the end of the /etc/shorewall/common.def
> 
> run_iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT 
> --to-port 3128
> 
> and restarted shorewall and it worked for me .... I don''t know if
this is the
> correct answer - but I find if it works, leave it alone :)
> 
That line works for redirecting http to port 3128 ON THE FIREWALL SYSTEM 
and is generated by the following entry in /etc/shorewall/rules:

REDIRECT	loc	3128	tcp	80

I believe that the Linux Advanced Routing and Traffic Control HOWTO covers 
this topic. There''s a link from the "Useful Links" page on
the Shorewall
site. It requires a combination of policy routing on the firewall system 
and an iptables rule similar to what Craig posted on the Squid box.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net

Tom Eastep

2002-Oct-14 12:56 UTC

head link

[Shorewall-users] Transparent proxy with Squid

Tom Eastep wrote:> 
> 
> Craig Zilko wrote:
> 
>> Jason
>>
>> I added the following line at the end of the /etc/shorewall/common.def
Also, you should NEVER modify common.def.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net

Shorewall users - Oct 2002 - Transparent proxy with Squid

[Shorewall-users] Transparent proxy with Squid

[Shorewall-users] Transparent proxy with Squid

[Shorewall-users] Transparent proxy with Squid

[Shorewall-users] Transparent proxy with Squid