Redirectig Squid

950801 950801@sina.com
Thu, 24 Jan 2002 09:21:15 +0800 

hi,the follow is my step for squid(Transproxy) install,

[root@test local]# groupadd squid
[root@test local]# adduser squid -g squid -d /usr/local/squid
[root@test local]# passwd squid
[root@test local]# su - squid
[squid@test squid]$ cp /usr/local/src/squid/squid-2.4.STABLE1-src.tar.gz   ./
[squid@test squid]$ tar zxvf squid-2.4.STABLE1-src.tar.gz
[squid@test squid]$ cd squid-2.4.STABLE1
[squid@test squid-2.4.STABLE1]$ ./configure --enable-linux-netfilter
[squid@test squid-2.4.STABLE1]$ make
[squid@test squid-2.4.STABLE1]$ make install
[squid@test squid-2.4.STABLE1]$cd /usr/local/squid/etc
[squid@test etc]$ vi squid.conf
##############squid.conf################
http_port 3128
cache_mem 8 MB
cache_swap_low 90
cache_swap_high 95
maximum_object_size 4096 KB
cache_dir ufs /usr/local/squid/cache 100 16 256
cache_access_log /usr/local/squid/logs/access.log
cache_log /usr/local/squid/logs/cache.log
cache_store_log /usr/local/squid/logs/store.log
http_access allow  all
cache_effective_user squid
cache_effective_group squid
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on 
httpd_accel_uses_host_header on 
################squid.conf#################

[squid@test etc]$cd ./bin

[squid@test bin]$ ./squid -z

[squid@test bin]$ ./squid 

 


SQUID IS OK!

 

[root@test /]# iptables -t nat -A PREROUTING  -p tcp --dport 80 -j REDIRECT --to-port 3128    

   

[root@test /]# iptables -t nat -A POSTROUTING -s 192.168.8.0/24 -p udp --dport 53 -j SNAT --to 172.21.101.132

 

[root@test /]# iptables -t nat -A POSTROUTING -s 192.168.8.0/24 -p tcp --dport 53 -j SNAT --to 172.21.101.132

 

Transproxy is ok!

----- Original Message -----
From:"Arthur Meyer" <arthur.meyer@tbz.ch>
To:netfilter@lists.samba.org
Subject:Redirectig Squid
Date:Wed, 23 Jan 2002 23:08:40 +0800
 >Hi all
 >
 >I want to redirect Port 80 to Port 3128 (Squid)
 >I use iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j 
 >REDIRECT --to-port 3128
 >
 >All I get is illegal URL. 
 >
 >Has anybody  tried to do the same thing? If I remove this 
 >command, I can get through .
 >Thanks 
 >Arthur
 >
 >Arthur Meyer
 >Technische Berufsschule Z黵ich
 >Technische Dienste
 >Ausstellungsstr. 70
 >8090 Z黵ich
 >
 >
 >

______________________________________

===================================================================
新浪免费电子邮箱 (http://mail.sina.com.cn)
新浪分类信息:轻松订阅,量身定制,好信息来找你! (http://classad.sina.com.cn/)
新浪闪烁短信闪亮登场 传情无限 (http://sms.sina.com.cn/cgi-bin/sms/smspic.cgi?spec=11&type=0)