Friday, November 7, 2008

transparent proxy using squid

Edit the squid configuration file for adding or modifying the following (/etc/squid/squid.conf):

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
acl mylan src 192.168.0.0/24
http_access allow localhost
http_access allow mylan


Added following rules to forward all http requests (coming to port 80) to the Squid server port 3128 :

[eth0 connected to internet and eth1 connected to local lan]

iptables -t nat -A PREROUTING -i eth1 -p tcp –-dport 80 -j DNAT –to 192.168.0.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp –-dport 80 -j REDIRECT –-to-port 3128


No comments: