transparent proxy

transparent proxy

Post by desmon » Mon, 23 Aug 1999 04:00:00



L.S.

I use a cablemodem to connect to the internet. Because my clients are heavy
internet users I've installed IP masquerading I also installed squid both
work fine. The problem is that my client by using masquerading can get
around squid so I tried to install transparent proxying but it doesn't work.
Any Ideas ???

 
 
 

transparent proxy

Post by Tom Easte » Mon, 23 Aug 1999 04:00:00



> L.S.

> I use a cablemodem to connect to the internet. Because my clients are heavy
> internet users I've installed IP masquerading I also installed squid both
> work fine. The problem is that my client by using masquerading can get
> around squid so I tried to install transparent proxying but it doesn't work.
> Any Ideas ???

You could deny TCP port 80 SYN packets from your local network.

--
Tom Eastep


 
 
 

transparent proxy

Post by Tom Easte » Mon, 23 Aug 1999 04:00:00



> You could deny TCP port 80 SYN packets from your local network.

Please pardon me responding to my own post. The above suggestion is
obviously in lieu of using transparent proxy and assumes that Squid is
listening on a port other than 80.

> --
> Tom Eastep


--
Tom Eastep

 
 
 

transparent proxy

Post by desmon » Mon, 23 Aug 1999 04:00:00





> > You could deny TCP port 80 SYN packets from your local network.

> Please pardon me responding to my own post. The above suggestion is
> obviously in lieu of using transparent proxy and assumes that Squid is
> listening on a port other than 80.

> > --
> > Tom Eastep

> --
> Tom Eastep


I've already tried blocking port 80 (squid listens on 3128) I also
implemented some changes in squid.conf and redirected traffic via ipchains.
But it still didn't work.
 
 
 

transparent proxy

Post by sham khali » Tue, 24 Aug 1999 04:00:00


you could try this to your input chains
accept tcp port 80 destination to your server then
redirect tcp port 80 to port 3128 destination 0/0 .

so all tcp packets to port 80 going to outside your server will be
redirected to squid listening at port 3128.
anyway what's your ipchains command?

for squid.conf you have to enabled accel to virtual server

sham khalil




> > Tom Eastep

> I've already tried blocking port 80 (squid listens on 3128) I also
> implemented some changes in squid.conf and redirected traffic via
ipchains.
> But it still didn't work.