LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices

Reply
 
Search this Thread
Old 12-16-2006, 07:18 PM   #1
zazazz
LQ Newbie
 
Registered: Dec 2006
Posts: 9

Rep: Reputation: 0
HELP: how do You setup Squid to work transparently?


Could anybody write, step by step list of actions how do You make Your squid work transparently on freeBSD network server. If possible - with version numbers of software and beginning with getting squids' source , packet redirection till happy end. ... Why I am asking this, when the internet is full of guides? Because I came to a dead end.... my squid is working fine when browser is set to use proxy. and it works even transparently.....but transparently...when more than somewhat 5 clients connect..... new clients' packets are not processed. with no errors.... simply so... HELP!

Last edited by zazazz; 12-16-2006 at 07:22 PM.
 
Old 12-17-2006, 10:08 PM   #2
gani
Member
 
Registered: Jun 2004
Location: Metro Manila, Philippines
Distribution: OpenBSD, Slackware, XP
Posts: 347

Rep: Reputation: 31
This is for version 2.5 that I've only followed from a web howto. Just find their respective places in squid.conf.

/etc/squid/squid.conf:

Code:
http_port 127.0.0.1:3128

visible_hostname host.yourdomain.com
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

....
..
acl Safe_ports port 445    # to allow windows update
acl CONNECT method CONNECT

....
..
acl local_net src 192.168.0.0/24
http_access allow local_net localhost
Create the cache directories:

# /usr/local/sbin/squid -z

Redirect your local network (192.168.0.0/24) to squid's IP (127.0.0.1) and squid's port (3128). If you are using PF in your FBSD, as an example:

/etc/pf.conf:
Code:
nat on $ext_if from ! ($ext_if) to any -> ($ext_if:0)
rdr on $int_if proto tcp from any to any port www -> 127.0.0.1 port 3128
Start the program:

# /usr/local/sbin/squid

check the cache.log for good signs:

# cat /var/squid/logs/cache.log

Code:
2006/11/14 19:33:38| Starting Squid Cache version 2.5.STABLE13 for i386-unknown-
openbsd4.0...
2006/11/14 19:33:38| Process ID 14405
2006/11/14 19:33:38| With 1024 file descriptors available
2006/11/14 19:33:38| Performing DNS Tests...
2006/11/14 19:33:38| Successful DNS name lookup tests...
2006/11/14 19:33:38| DNS Socket created at 0.0.0.0, port 42525, FD 5
2006/11/14 19:33:38| Adding nameserver 127.0.0.1 from /etc/resolv.conf
2006/11/14 19:33:38| Unlinkd pipe opened on FD 10
2006/11/14 19:33:38| Swap maxSize 7340032 KB, estimated 564617 objects
2006/11/14 19:33:38| Target number of buckets: 28230
2006/11/14 19:33:38| Using 32768 Store buckets
2006/11/14 19:33:38| Max Mem  size: 102400 KB
2006/11/14 19:33:38| Max Swap size: 7340032 KB
2006/11/14 19:33:38| Rebuilding storage in /var/squid/cache (DIRTY)
2006/11/14 19:33:38| Using Least Load store dir selection
2006/11/14 19:33:38| Set Current Directory to /var/squid/cache
2006/11/14 19:33:38| Loaded Icons.
2006/11/14 19:33:38| Accepting HTTP connections at 127.0.0.1, port 3128, FD 11.
2006/11/14 19:33:38| Accepting ICP messages at 0.0.0.0, port 3130, FD 12.
2006/11/14 19:33:38| WCCP Disabled.
2006/11/14 19:33:38| Ready to serve requests.
2006/11/14 19:33:43| Done scanning /var/squid/cache (0 entries)
2006/11/14 19:33:43| Finished rebuilding storage from disk.
2006/11/14 19:33:43|         0 Entries scanned
2006/11/14 19:33:43|         0 Invalid entries.
2006/11/14 19:33:43|         0 With invalid flags.
2006/11/14 19:33:43|         0 Objects loaded.
2006/11/14 19:33:43|         0 Objects expired.
2006/11/14 19:33:43|         0 Objects cancelled.
2006/11/14 19:33:43|         0 Duplicate URLs purged.
2006/11/14 19:33:43|         0 Swapfile clashes avoided.
2006/11/14 19:33:43|   Took 5.2 seconds (   0.0 objects/sec).
2006/11/14 19:33:43| Beginning Validation Procedure
2006/11/14 19:33:43|   Completed Validation Procedure
2006/11/14 19:33:43|   Validated 0 Entries
2006/11/14 19:33:43|   store_swap_size = 0k
2006/11/14 19:33:43| storeLateRelease: released 0 objects
When squid is bind at 127.0.0.1, you don't need to specify a proxy ADDRESS:PORT combination in your clients' browsers. The redirection rule in your firewall will do it for them automatically. In IE, no checked boxes in LAN Settings and in other browsers, it is no proxy or connect directly to the internet.
 
Old 12-25-2006, 08:25 AM   #3
zazazz
LQ Newbie
 
Registered: Dec 2006
Posts: 9

Original Poster
Rep: Reputation: 0
and what rules do You add to file ipnat.rules when using IPNAT?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid firewall setup cortj Linux - Networking 9 10-11-2006 04:05 AM
Installing Captive drivers to reasd NTFS drives transparently crash_zero Mandriva 6 02-12-2005 06:57 PM
Please help me on my squid 2.5 setup wennie Linux - General 8 11-04-2004 11:17 AM
Help to configure network to transparently access the zaurus handheld. cmisip Linux - Networking 0 06-07-2004 11:50 PM
Setup Squid question... hct224 Linux - Newbie 0 05-02-2004 10:09 AM


All times are GMT -5. The time now is 12:02 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration