Problems with squid



I have a transparent squid proxy that doesn't work very well. If I try to open the local page on my server (192.168.0.1) from any computer on my local network (192.168.0.0/24), the page doesn't load. I also can't open the neowin page. When I flush the iptables redirection, it works.

The iptables line which does the redirection is:

# NAT PREROUTING rule: TCP packets arriving on eth0 with destination port
# "pop3" are redirected to local port 8110.
# NOTE(review): this rule matches POP3, not HTTP (port 80), and its target is
# 8110 rather than the http_port 3128 in the squid.conf that follows, so as
# written it would not steer web traffic into squid. Confirm this is the rule
# actually loaded (e.g. list the nat table) before debugging squid itself.
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport pop3 -j REDIRECT --to 8110

My squid.conf is:

# Squid configuration for a small caching proxy listening on port 3128, with
# the httpd_accel_* directives at the end that Squid 2.x used for transparent
# (intercepting) operation.

# Hostname shown in error pages; small in-memory cache; proxy listening port.
visible_hostname gentoo
cache_mem 8 MB
maximum_object_size_in_memory 32 KB
http_port 3128

# Use the heap GDSF replacement policy for both the disk and memory caches.
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF

# Close client connections that are only half open instead of keeping them.
half_closed_clients off

# High and low water marks for cache replacement.
cache_swap_high 100%
cache_swap_low 80%

# Short grace period for active connections on shutdown; ICP is disabled.
shutdown_lifetime 3 seconds
icp_port 0

# Do not cache URLs whose path contains "cgi-bin" or a "?" (dynamic content).
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

# Run squid as the unprivileged squid user and group.
cache_effective_user squid
cache_effective_group squid

# Logging: access and cache logs are kept, the store log is disabled, and the
# access log is written in httpd-style format without MIME headers.
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
error_directory /etc/squid/errors
emulate_httpd_log on
log_mime_hdrs off

# Do not pass the client's address to origin servers in X-Forwarded-For.
forwarded_for off

# Source ACLs: every address, the loopback address, and the 192.168.0.0/24 LAN.
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl local src 192.168.0.0/255.255.255.0

# Ports to which CONNECT tunnels may be opened, and ports considered safe.
# NOTE(review): 445 and 441 are additions to the commonly shipped default
# (443 and 563); 445 is the SMB/microsoft-ds port. Confirm both are really
# needed before allowing tunnels to them.
acl SSL_ports port 445 443 441 563
acl Safe_ports port 80                  # http
acl Safe_ports port 21                  # ftp
acl Safe_ports port 445 443 441 563     # https, snews
acl Safe_ports port 70                  # gopher
acl Safe_ports port 210                 # wais 
acl Safe_ports port 1025-65535          # unregistered ports
acl Safe_ports port 280                 # http-mgmt
acl Safe_ports port 488                 # gss-http
acl Safe_ports port 591                 # filemaker
acl Safe_ports port 777                 # multiling http
acl CONNECT method CONNECT

# http_access rules are evaluated top to bottom and the first match decides.
# NOTE(review): because "allow localhost" and "allow local" come first, the
# "deny !Safe_ports" and "deny CONNECT !SSL_ports" lines never apply to
# localhost or LAN clients; every other source ends at "deny all" anyway, so
# the two port restrictions have no effect as ordered. If the intent is to
# limit LAN clients to safe ports and to restrict CONNECT, the two deny lines
# need to precede the allow lines.
http_access allow localhost
http_access allow local
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all

# Accelerator settings used for transparent interception: accept requests for
# any host on port 80, keep normal proxying enabled, and take the destination
# from the request's Host header.
# NOTE(review): with httpd_accel_uses_host_header on, the destination comes
# from a client-supplied header rather than from the address the client
# actually connected to; keep access limited to trusted sources.
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy  on
httpd_accel_uses_host_header on
httpd_accel_single_host off

