Linux – Squid 2.7.STABLE3-4.1 as a transparent proxy on Ubuntu Server 9.04


Can't get this to work at all!
I'm trying to get this linux box to act as a transparent proxy and, with the help of DHCP, force everyone on the network to gate into the proxy.

I have two ethernet connections, both to the same switch. And I'm trying to get 192.168.1.234 to become the default gateway.
The actual WAN connection is to a gateway 192.168.1.1.
eth0 is 192.168.1.234
eth1 is 192.168.1.2

Effectively I'm trying to make eth0 a LAN only interface and eth1 a WAN interface.
I've only set eth0 to have a gateway address in /etc/network/interfaces.
I'm not sure whether I should set the gateway for eth1 to point to 192.168.1.234.

My squid.conf file has the following directives added at the bottom:
http_port 3128 transparent
acl lan src 192.168.1.0/24
acl lh src 127.0.0.1/255.255.255.0
http_access allow lan
http_access allow lh

I've added the following routing commands:

iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.2:3128
iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128

I set a computer with TCP settings 192.168.1.234 as the gateway and opened up google.com, but it comes up with a request error. Any ideas why this isn't working? 🙁 Been searching continuously for a solution to no avail.

—————————– EDIT ——————————-
Managed to get it to route properly to the squid, here's the error I get in the browser:

ERROR
The requested URL could not be retrieved

While trying to process the request:

GET / HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cache-Control: max-age=0



The following error was encountered:

    * Invalid Request 

Some aspect of the HTTP Request is invalid. Possible problems:

    * Missing or unknown request method
    * Missing URL
    * Missing HTTP Identifier (HTTP/1.0)
    * Request is too large
    * Content-Length missing for POST or PUT requests
    * Illegal character in hostname; underscores are not allowed 

Your cache administrator is webmaster.
Generated Mon, 26 Oct 2009 03:41:15 GMT by mjolnir.lloydharrington.local (squid/2.7.STABLE3)

Best Answer

Make sure you don't have conflicting port definitions. Squid will probably listen on 3128 anyway, so you probably need to modify the existing statement, not add a new one.

Also try manually setting the box as a proxy and make sure it's otherwise working before making it transparent.
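
The check the answer describes, as an added example that is not part of the original answer: a Python script that lists every http_port declaration in a squid.conf and reports any port declared more than once, noting whether the options disagree. The sample config is constructed, and the function names are this example's own.

```python
from collections import defaultdict

# Constructed sample: a default listener near the top of the file, plus the
# http_port line the question appended at the bottom.
SAMPLE_CONF = """\
# Squid normally listens to port 3128
http_port 3128
acl all src all
http_access deny all
# --- appended by the admin ---
http_port 3128 transparent
acl lan src 192.168.1.0/24
http_access allow lan
"""

def http_ports(conf_text):
    """Return {port: [(line_no, sorted options), ...]} for every http_port line."""
    found = defaultdict(list)
    for line_no, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        parts = line.split()
        if parts[0] != "http_port" or len(parts) < 2:
            continue
        # The address may be "3128" or "host:3128"; keep only the port.
        port = parts[1].rsplit(":", 1)[-1]
        found[port].append((line_no, sorted(parts[2:])))
    return dict(found)

def conflicts(conf_text):
    """List (port, line numbers, options_differ) for ports declared more than once."""
    report = []
    for port, decls in sorted(http_ports(conf_text).items()):
        if len(decls) > 1:
            options_differ = len({tuple(opts) for _, opts in decls}) > 1
            report.append((port, [n for n, _ in decls], options_differ))
    return report

if __name__ == "__main__":
    for port, lines, differ in conflicts(SAMPLE_CONF):
        kind = "with different options" if differ else "identically"
        print(f"http_port {port} declared {kind} on lines {lines}")
```

To audit a real file, pass its contents to `conflicts()` instead of `SAMPLE_CONF`.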
