setup squid3

Discussion in 'HOWTO-Related Questions' started by sureshk89, Dec 20, 2010.

  1. sureshk89

    sureshk89 New Member

    Hi
    I installed squid3 on my CentOS 5.5. I tried a transparent proxy, which didn't work for me. It's working manually after changing in the browser. My squid listens on port 4880. I have some problems with iptables, I think. I am getting the following warning when I restart squid.
    lan0=internet, lan1=local.


    """"""Stopping squid: ................ [ OK ]
    2010/12/17 07:16:43| Processing Configuration File: /etc/squid/squid.conf (depth 0)
    2010/12/17 07:16:43| Starting Authentication on port 192.168.0.1:4115
    2010/12/17 07:16:43| Disabling Authentication on port 192.168.0.1:4115 (interception enabled)
    2010/12/17 07:16:43| Initializing https proxy context
    Starting squid: . [ OK ]""""""

    My squid.conf file changes are as follows:
    ""

    acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
    acl localnet src 192.168.1.60 192.168.0.0/24 # RFC1918 possible internal network

    acl SSL_ports port 443 563 # https, snews
    acl SSL_ports port 873 # rsync
    acl SSL_ports port 443
    acl Safe_ports port 110 #pop3
    acl Safe_ports port 25 #smtp
    acl Safe_ports port 465
    acl Safe_ports port 143
    acl Safe_ports port 585
    acl Safe_ports port 80 # http
    acl Safe_ports port 993
    acl Safe_ports port 21 # ftp
    acl Safe_ports port 443 # https
    acl Safe_ports port 70 # gopher
    acl Safe_ports port 210 # wais
    acl Safe_ports port 21132 #SharePoint
    acl Safe_ports port 1025-65535 # unregistered ports
    acl Safe_ports port 280 # http-mgmt
    acl Safe_ports port 488 # gss-http
    acl Safe_ports port 591 # filemaker
    acl Safe_ports port 777 # multiling http
    acl Safe_ports port 631 # cups
    acl Safe_ports port 873 # rsync
    acl Safe_ports port 901 # SWAT
    acl purge method PURGE
    acl CONNECT method CONNECT
    http_access allow manager localhost
    http_access deny manager
    http_access allow purge localhost
    http_access deny purge
    http_access deny !Safe_ports
    http_access deny CONNECT !SSL_ports
    http_access allow localnet
    http_access allow localhost
    http_access deny all
    http_reply_access allow all
    icp_access allow localnet
    icp_access deny all
    htcp_access allow localnet
    htcp_access deny all
    refresh_pattern ^ftp: 1440 20% 10080
    refresh_pattern ^gopher: 1440 0% 1440
    refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
    refresh_pattern . 0 20% 4320
    http_port 192.168.0.1:4880 transparent
    always_direct allow all
    """
    iptables rule
    ""iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 4880""

    Anything wrong in the above? Please help.

    Thanks and Regards
    Suresh
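
Added example, not part of the original post: a small Python check that cross-reads the two pieces of configuration shown above, the `http_port ... transparent` line and the iptables `REDIRECT` rule, and reports where they disagree. It assumes `lan1` from the post is the real name of the client-facing interface; the function names are made up for this illustration.

```python
import shlex

# Values copied from the post above; LAN_IFACE is an assumption (see lead-in).
SQUID_CONF = "http_port 192.168.0.1:4880 transparent\n"
RULE = ("iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp "
        "--dport 80 -j REDIRECT --to-ports 4880")
LAN_IFACE = "lan1"

def parse_http_ports(conf_text):
    """Return [(address_or_None, port, set_of_options)] for each http_port line."""
    ports = []
    for line in conf_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "http_port":
            addr, _, port = fields[1].rpartition(":")
            ports.append((addr or None, int(port), set(fields[2:])))
    return ports

def parse_redirect(rule):
    """Return interface and target port of a REDIRECT rule, or None for other rules."""
    args = shlex.split(rule)
    def opt(*names):
        for name in names:
            if name in args and args.index(name) + 1 < len(args):
                return args[args.index(name) + 1]
        return None
    if opt("-j", "--jump") != "REDIRECT":
        return None
    return {"iface": opt("-i", "--in-interface"), "to_port": opt("--to-ports")}

def check_interception(conf_text, rules, lan_iface):
    """List mismatches between Squid's interception ports and the NAT rules."""
    findings = []
    # Squid 3.0 and earlier use "transparent"; 3.1 and later use "intercept".
    intercept_ports = {port for _, port, opts in parse_http_ports(conf_text)
                       if opts & {"transparent", "intercept"}}
    if not intercept_ports:
        findings.append("no http_port carries transparent/intercept")
    redirects = [r for r in map(parse_redirect, rules) if r]
    if not redirects:
        findings.append("no REDIRECT rule found")
    for r in redirects:
        to_port = r["to_port"] or ""
        if not to_port.isdigit() or int(to_port) not in intercept_ports:
            findings.append(f"REDIRECT --to-ports {to_port} is not an interception port")
        if r["iface"] != lan_iface:
            findings.append(f"REDIRECT matches -i {r['iface']}, clients arrive on {lan_iface}")
    return findings

if __name__ == "__main__":
    print(check_interception(SQUID_CONF, [RULE], LAN_IFACE))
```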
     
