Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )



Advanced DNS Management
New ZoneEdit. New Managment.

FREE DNS Is Back

Sign Up Now
 
Reply to this topicStart new topic
> Configuring Squid Transparent Proxy
Corey
post Mar 5 2004, 12:50 AM
Post #1


Its GNU/Linuxhelp.net
*******

Group: Admin
Posts: 1,254
Joined: 21-September 02
From: St John's, Newfoundland, Canada
Member No.: 3



I'm trying to setup a squid transparent proxy. So far, the proxy is set up, but i have to manually configure browsers to look for the proxy on port 8080, when i do that it's fine.

So, i went to set it up transparently by adding the following to my firewall:

$IPTABLES -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080

So, all requesrs for port 80 would silently forward to port 8080. As well, by suggestion of some docs on the net, i also changed a few variables in squid.conf:

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

However, when i turn off my proxy settings in my client web-browser (so it can use the transparent method), i get a

QUOTE
ERROR


The requested URL could not be retrieved


While trying to retrieve the URL: /


The following error was encountered:

Invalid URL

Some aspect of the requested URL is incorrect. Possible problems:

Missing or incorrect access protocol (should be `http://'' or similar)
Missing hostname
Illegal double-escape in the URL-Path
Illegal character in hostname; underscores are not allowed

Your cache administrator is root.


Generated Fri, 05 Mar 2004 02:03:23 GMT by gateway (squid/2.5.STABLE1-20030121)


No matter what the website i put in. This is a Mandrake 9.2 box. Any suggestions accepted smile.gif


--------------------
Corey Quilliam
(former) Linuxhelp.ca Administrator
cquilliam-AT-gmail-dot-com

Want to help out Linuxhelp.net? Check out our Linuxhelp Wiki and see if there are some articles you would like to submit!!

--
Ubuntu 8.04 64-bit - Work Laptop (HP-Compaq NC6400 Core2)
Kubuntu 8.04 64-bit - Desktop (HP m8120n QuadCore)
Ubuntu 6.04 - Server (I'm not upgrading this baby until support runs out in 2012) (Some old POS dell)
Go to the top of the page
 
+Quote Post
Robert83
post Mar 5 2004, 03:05 AM
Post #2


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,439
Joined: 3-January 04
From: Germany
Member No.: 2,069



Hi,

this might help...

!!! http://www.os4schools.net/index.php?link=squid.html !!!



and that is a great idea, forfarding port 80 to 8080, this way noone can cheat the proxy... smile.gif smile.gif, I'll do it to smile.gif


Sincerely
Robert B


--------------------
Robert Becskei
robert83@linuxhelp.net
--------------------
May the source be with us!
--------------------
AMD X2-3800 @ 2400Mhz
2048MB DDR 400Mhz
DFI Lanparty UT4 NF4 ULTRA-D
GeForce 7800GT
250GB+250GB
Pioneer DVD-RW
17inch Samsung Syncmaster 757NF
WinXP Pro (SP2)/ CentOS 4.3
--------------------
Go to the top of the page
 
+Quote Post
Corey
post Mar 5 2004, 11:17 AM
Post #3


Its GNU/Linuxhelp.net
*******

Group: Admin
Posts: 1,254
Joined: 21-September 02
From: St John's, Newfoundland, Canada
Member No.: 3



Yeah, what's the real point of a proxy if everyone can cheat on it, well,except for the caching part, but even that won't work well if half the network is by-passing the proxy for web access. Thanks for your help, when I get home, i'll check it out.


--------------------
Corey Quilliam
(former) Linuxhelp.ca Administrator
cquilliam-AT-gmail-dot-com

Want to help out Linuxhelp.net? Check out our Linuxhelp Wiki and see if there are some articles you would like to submit!!

--
Ubuntu 8.04 64-bit - Work Laptop (HP-Compaq NC6400 Core2)
Kubuntu 8.04 64-bit - Desktop (HP m8120n QuadCore)
Ubuntu 6.04 - Server (I'm not upgrading this baby until support runs out in 2012) (Some old POS dell)
Go to the top of the page
 
+Quote Post
Robert83
post Mar 8 2004, 05:21 AM
Post #4


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,439
Joined: 3-January 04
From: Germany
Member No.: 2,069



Hi,

I've started to configure the my squid proxy server, the way , it's mentioned on that site...


here are the error lines :

error : use this :
httpd_accel_host ---> httpd_accel_host virtual
virtual httpd_accel_port ---> httpd_accel_port 80


And if you managed to get reference_age 1 week [for example] working tell me how, I've read that it requires LRU to be used, but where to set it? have you found the command for that? or does it need to be installed with some LRU[blablabla] command ?

Sincerely
Robert B


--------------------
Robert Becskei
robert83@linuxhelp.net
--------------------
May the source be with us!
--------------------
AMD X2-3800 @ 2400Mhz
2048MB DDR 400Mhz
DFI Lanparty UT4 NF4 ULTRA-D
GeForce 7800GT
250GB+250GB
Pioneer DVD-RW
17inch Samsung Syncmaster 757NF
WinXP Pro (SP2)/ CentOS 4.3
--------------------
Go to the top of the page
 
+Quote Post
Termina
post Mar 10 2004, 08:39 PM
Post #5


RMS is my Hero
******

Group: Support Specialist
Posts: 862
Joined: 18-February 04
From: Wisconsin
Member No.: 2,404



Is there a way, with squid, to use the proxy via HTTP and NOT have to go to tools - internet options. etc? (In IE, that is).

I'd like to, from any computer, just type in:

http://mysite.com/proxy.php?www.blach.com

Or whatever. happy.gif If so, anyone have a site that would tell me where to start?


--------------------
*Points finger at the author above him* They're a witch! Burn them!
---
Vist my website!
Join me in IRC! Server: st0rage.org Channel: #UnhandledExceptions
Go to the top of the page
 
+Quote Post
Robert83
post Mar 11 2004, 01:15 AM
Post #6


Its GNU/Linuxhelp.net
*******

Group: Support Specialist
Posts: 1,439
Joined: 3-January 04
From: Germany
Member No.: 2,069



Hi,

you forward port 80 to port [in my case] 3228 with Iptables, and then you will not have to use in IE tools etc..., note : I don't haven't seen any site in usa, and other countries [yet...], that uses port 8080 for https, but I don't recomend using it for the proxy, since here in yu, for example teleport.co.yu uses 8080 for their https [webmail] smile.gif, and some sites will have troubles with transparent proxy.

And be sure to read the Squid configuration guide, on the Squid site, the part about forcing IE 5.5 refresh to make sure IE 5.5 users will get always fresh content, you'll loose 10% of you're total hit's...



Sincerely
Robert B


--------------------
Robert Becskei
robert83@linuxhelp.net
--------------------
May the source be with us!
--------------------
AMD X2-3800 @ 2400Mhz
2048MB DDR 400Mhz
DFI Lanparty UT4 NF4 ULTRA-D
GeForce 7800GT
250GB+250GB
Pioneer DVD-RW
17inch Samsung Syncmaster 757NF
WinXP Pro (SP2)/ CentOS 4.3
--------------------
Go to the top of the page
 
+Quote Post
Termina
post Mar 11 2004, 09:57 AM
Post #7


RMS is my Hero
******

Group: Support Specialist
Posts: 862
Joined: 18-February 04
From: Wisconsin
Member No.: 2,404



If I forward port 80 to that port, then won't it only work on the computers in my LAN? biggrin.gif


--------------------
*Points finger at the author above him* They're a witch! Burn them!
---
Vist my website!
Join me in IRC! Server: st0rage.org Channel: #UnhandledExceptions
Go to the top of the page
 
+Quote Post
Corey
post Mar 11 2004, 03:06 PM
Post #8


Its GNU/Linuxhelp.net
*******

Group: Admin
Posts: 1,254
Joined: 21-September 02
From: St John's, Newfoundland, Canada
Member No.: 3



> If I forward port 80 to that port, then won't it only work on the computers in my LAN?

Well, that's kind of the point. All http requests from inside the lan get forwarded to the proxy so that it can cache the page, or retrive a previously cached page. I wouldn't want anyone from the outside having access to this cache because it could cause a potential security risk.


--------------------
Corey Quilliam
(former) Linuxhelp.ca Administrator
cquilliam-AT-gmail-dot-com

Want to help out Linuxhelp.net? Check out our Linuxhelp Wiki and see if there are some articles you would like to submit!!

--
Ubuntu 8.04 64-bit - Work Laptop (HP-Compaq NC6400 Core2)
Kubuntu 8.04 64-bit - Desktop (HP m8120n QuadCore)
Ubuntu 6.04 - Server (I'm not upgrading this baby until support runs out in 2012) (Some old POS dell)
Go to the top of the page
 
+Quote Post
Termina
post Mar 11 2004, 05:25 PM
Post #9


RMS is my Hero
******

Group: Support Specialist
Posts: 862
Joined: 18-February 04
From: Wisconsin
Member No.: 2,404



Sorry, I didn't make myself clear. XD

I'd like to have a proxy that I can use remotely (From school/work, say).

When searching for essays and such, I often find the page blocked. =/ I would like to set up a proxy at home to bypass this. happy.gif


--------------------
*Points finger at the author above him* They're a witch! Burn them!
---
Vist my website!
Join me in IRC! Server: st0rage.org Channel: #UnhandledExceptions
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 17th December 2017 - 07:01 AM