[semi-OT]: Transparent proxy: SQUID & IPTABLES

Emilio Casbas ecasbas at unav.es
Thu Sep 23 12:11:15 CEST 2004


Emilio Casbas wrote:

> Giovanni Costagliola wrote:
>
>> Hello all,
>>
>>            I'm attempting to configure a transparent proxy on my lan.
>>
>>
>>
>> Default gateway and proxy reside on the same machine.
>>
>>
>>
>> I issued the following iptables command:
>>
>>
>>
>> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
>> --to-ports 8080
>>
>>
>>
>> where interface eth0 is the one that gateways internal clients.
>>
>>
>>
>> I receive a stupid message by squid caused by incorrect URL syntax.
>>
>>
>>
>> It seems that getting an URL such as:
>>
>>
>>
>> http://www.google.it/search?sourceid=navclient
>> <http://www.google.it/search?sourceid=navclient&hl=it&ie=UTF-8&q=foobar>
>> &hl=it&ie=UTF-8&q=foobar
>>
>>
>>
>> reach Squid layer as
>>
>>
>>
>> /search?sourceid=navclient&hl=it&ie=UTF-8&q=foobar
>>
>>
>>
>> Missing of the protocol and host part!
>>
>>
>>
>> How is it possible?
>>
>>
>>
>>  
>>
Sorry.
This is a tipical web request

> You have to configure squid to accept HTTP requests
> with partial URIs.
>
> see http://www.squid-cache.org/Doc/FAQ/FAQ-17.html


Thanks
Emilio C.




More information about the netfilter mailing list