09 Feb 09 Linux Squid Transparent Proxy
There are a number of reasons why you might want to use Squid in transparent mode, I won’t go into them – I’ll just explain how!
In Squid versions before 2.6, you’ll want to edit your configuration to specify:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
In 2.6 versions and beyond, you can append ‘transparent’ to the end of your http_port option, i.e.:
http_port 192.168.1.1:3128 transparent
Squid will now be ready for transparent proxying. Now create some iptables rules to push all outbound port 80 traffic through squid:
iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 80 -j REDIRECT –to-port 3128
eth0 is the local side of your router, –dport 80 specifies a destination port of 80 (HTTP) and we’re going to redirect it to 3128 where your Squid proxy runs.
Tags: iptables, redirect, squid, transparent proxy
Reader's Comments
Leave a Comment
You must be logged in to post a comment.
|
I'm Adam Palmer, and I'm a PHP Programmer, Web Security Consultant, and Linux Consultant.
I run 'APNIC Solutions Ltd' and spend most of my time consulting, managing server clusters, and writing PHP, whilst what little spare time I have is dedicated to playing with gadgets.
|
[...] These are the same type of rules used to configure transparent proxying for Squid. [...]