| From | Sent On | Attachments |
|---|---|---|
| Anwarul Mamun | Sep 11, 2007 4:51 am | |
| Andrew Pantyukhin | Sep 11, 2007 11:55 am | |
| Anwarul Mamun | Sep 11, 2007 9:50 pm | |
| Andrew Pantyukhin | Sep 12, 2007 1:40 am | |
| Tek Bahadur Limbu | Sep 12, 2007 7:14 am | |

| Subject: | Squid proxy 2.6 with FreeBSD 6.2 | |
|---|---|---|
| From: | Tek Bahadur Limbu (tekl...@wlink.com.np) | |
| Date: | Sep 12, 2007 7:14:53 am | |
| List: | org.freebsd.freebsd-isp | |
Hi Anwarul,
Have you read what Andrew had said and tried the rules?
On Tue, 11 Sep 2007 17:23:28 +0600 "Anwarul Mamun" <mam...@freebsdmovement.org> wrote:
> Hi All!
> I have a Linux gateway server (using iptables on this) where my client hit first. I want to direct the http traffic to the proxy server based on FreeBSD (I mean transparent proxy). I am using FreeBSD 6.2 and Squid proxy 2.6. I have directed the http traffic from my Linux gateway server to the proxy server on FreeBSD as below. But the transparent proxying does not work. Is there anyone who has worked with the issues on transparent proxy with FreeBSD 6.2 who may suggest in this case?
If you had directed the http traffic from your Linux Gw box to your FreeBSD Squid box, do you actually see any kind of http traffic on the FreeBSD box?
Have you verified with tcpdump?
> /sbin/iptables -t nat -A PREROUTING -s 192.168.40.0/24 -p tcp --dport 80 -j DNAT --to 172.16.3.1:8080
> /sbin/iptables -t nat -A PREROUTING -s 192.168.40.0/24 -p tcp --dport 8080 -j DNAT --to 172.16.3.1:8080
You can try the following:
On the Linux box:
iptables -t nat -A PREROUTING -i eth0 -s ! squid-box -p tcp --dport 80 \
    -j DNAT --to squid-box:8080
iptables -t nat -A POSTROUTING -o eth0 -s local-network -d squid-box \
    -j SNAT --to iptables-box
iptables -A FORWARD -s local-network -d squid-box -i eth0 -o eth0 -p \
    tcp --dport 8080 -j ACCEPT
By the way, what's the output of "squid -v" on your FreeBSD box and the relevant transproxy config in your squid.conf?
On the FreeBSD Squid box:
IPFW add fwd 127.0.0.1,3128 tcp from any to any 80 in
IPFW add allow tcp from local-network to any 3128 in via $NET_IF
IPFW add 65533 deny log all from any to any
If everything goes fine, then it should work!!!
In my opinion, running squid in the Linux gateway would be the easiest solution! :)
Hope it helps.
> Thanking you....
> Regards,
> M
--
With best regards and good wishes,
Yours sincerely,
Tek Bahadur Limbu
System Administrator
(TAG/TDG Group) Jwl Systems Department
Worldlink Communications Pvt. Ltd.
Jawalakhel, Nepal http://wlink.com.np/
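An added example, not part of the original message: a shell lint that checks `iptables-save` text for the three gateway rules proposed in the reply (DNAT with a source match, SNAT towards the proxy, FORWARD accept). The function name `audit_gateway`, the gateway address 172.16.3.254 and the interface names are assumptions constructed for the example; rules are matched in the `! -s` / `--to-destination` form that current `iptables-save` prints.

```shell
#!/bin/sh
# Added example, not from the thread: lint iptables-save text for the gateway
# rules proposed in the reply. Sample dumps below are constructed.

# audit_gateway PROXY_IP PROXY_PORT   (iptables-save text on stdin)
# Prints the missing pieces; exit status is 0 only when nothing is missing.
audit_gateway() {
    ip=$(printf '%s' "$1" | sed 's/\./\\./g')   # escape dots for the regexes
    port=$2
    dump=$(cat)
    missing=""
    has() { printf '%s\n' "$dump" | grep -Eq -- "$1"; }
    dnat="^-A PREROUTING .*--dport 80 .*-j DNAT --to-destination ${ip}:${port}\$"
    # 1. Port-80 traffic is DNATed to the proxy.
    has "$dnat" || missing="$missing dnat"
    # 2. Every such rule has a source match (-s net or ! -s proxy), so the
    #    proxy's own outbound requests are not redirected back to it.
    if printf '%s\n' "$dump" | grep -E -- "$dnat" | grep -qv -- ' -s '; then
        missing="$missing source-match"
    fi
    # 3. Connections to the proxy are source-NATed so replies return via the gateway.
    has "^-A POSTROUTING .*-d ${ip}(/32)? .*-j (SNAT|MASQUERADE)" || missing="$missing snat"
    # 4. The filter table forwards the redirected connections.
    has "^-A FORWARD .*-d ${ip}(/32)? .*--dport ${port} .*-j ACCEPT" || missing="$missing forward"
    missing=${missing# }
    printf '%s\n' "$missing"
    [ -z "$missing" ]
}

# Constructed dump: the port-80 DNAT rule from the question, in iptables-save form.
sample_question() {
cat <<'EOF'
*nat
-A PREROUTING -s 192.168.40.0/24 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.16.3.1:8080
COMMIT
EOF
}

# Constructed dump: the reply's three rules with sample addresses (table headers omitted).
sample_reply() {
cat <<'EOF'
-A PREROUTING ! -s 172.16.3.1/32 -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.16.3.1:8080
-A POSTROUTING -s 192.168.40.0/24 -d 172.16.3.1/32 -o eth0 -j SNAT --to-source 172.16.3.254
-A FORWARD -s 192.168.40.0/24 -d 172.16.3.1/32 -i eth0 -o eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
EOF
}

sample_question | audit_gateway 172.16.3.1 8080 || true   # prints: snat forward
sample_reply | audit_gateway 172.16.3.1 8080              # prints an empty line
```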





