Adam Palmer MBCS CITP, Linux, PHP Programmer, MySQL Developer, Embedded Hardware, Security Consultant
Did my blog help you? Please link to me!
Did my blog help you? Please link to me!
09 Feb 09 Linux Squid Transparent Proxy
There are a number of reasons why you might want to use Squid in transparent mode, I won’t go into them – I’ll just explain how!
In Squid versions before 2.6, you’ll want to edit your configuration to specify:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
In 2.6 versions and beyond, you can append ‘transparent’ to the end of your http_port option, i.e.:
http_port 192.168.1.1:3128 transparent
Squid will now be ready for transparent proxying. Now create some iptables rules to push all outbound port 80 traffic through squid:
iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 80 -j REDIRECT –to-port 3128
eth0 is the local side of your router, –dport 80 specifies a destination port of 80 (HTTP) and we’re going to redirect it to 3128 where your Squid proxy runs.
Tags: iptables, redirect, squid, transparent proxy
Reader's Comments
Leave a Comment
|
I'm Adam Palmer, and I'm a Freelance Embedded Linux/Embedded Hardware enthusiast and Security Consultant. I run 'APNIC Solutions Ltd' and spend most of my time managing server clusters, and doing some PHP/MySQL development, whilst what little spare time I have is dedicated to playing with gadgets. I'm always happy to consult on or manage any Linux related, Web Application or Hosting project. Please get in touch with me! |
[...] These are the same type of rules used to configure transparent proxying for Squid. [...]