LinuxQuestions.org
02-26-2009, 10:25 AM   #1
wizcrack.fedora
Transparent http proxy config


I am trying to configure a transparent reverse HTTP proxy driven by an IDS, using Squid as the proxy server. I'm new to Squid configuration. What changes do I have to make to the squid.config file?

The proxy has to:

1. Reroute possible attacks to a given web location.
2. Give service to authenticated requests.
3. Log the IP address of the computer that attacks the website.

I am creating a shopping cart website in PHP but launching it only on the local LAN, and I'm using the MySQL database with Apache as the web server and Snort as the IDS.

Here is my squid.conf file... What changes must I make?



http_port 3128
http_port 80 defaultsite=192.168.4.50
cache_peer 192.168.4.1 parent 80 0 no-query originserver
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl web dstdomain 192.168.4.50
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow web
http_access allow localhost
forwarded_for off
visible_hostname www.project.com
icp_port 3130
icp_query_timeout 2000
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
ipcache_size 1024
ipcache_low 90
ipcache_high 95
access_log /var/log/squid/access.log squid
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
strip_query_terms on
ignore_unknown_nameservers on
digest_swapout_chunk_size 4096 bytes
digest_rebuild_chunk_percentage 10
detect_broken_pconn on
pipeline_prefetch off
request_entities off
high_response_time_warning 0
high_memory_warning 0
minimum_expiry_time 60 seconds
relaxed_header_parser warn

Last edited by wizcrack.fedora; 02-26-2009 at 10:29 AM.
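
The following is an added example, not part of the original post and not Squid project code: a small audit of a squid.conf like the one posted above, reporting repeated `acl` lines, ACL names that no rule references, and whether the `http_access` list ends with an explicit `deny all`. The function names `parse` and `audit` are hypothetical, and the sample is a constructed subset of the posted file.

```python
import re
from collections import Counter

# Constructed sample: a subset of the lines in the squid.conf posted above.
SAMPLE_CONF = """\
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 # https
acl Safe_ports port 80 # http
acl web dstdomain 192.168.4.50
acl CONNECT method CONNECT
http_access allow web
http_access allow localhost
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl Safe_ports port 80 # http
"""

def parse(conf):
    """Yield the token list of each directive, dropping comments and blank lines."""
    for line in conf.splitlines():
        tokens = re.sub(r"\s#.*$", "", line).split()
        if tokens and not tokens[0].startswith("#"):
            yield tokens

def audit(conf):
    """Return (duplicate acl lines, unreferenced acl names, ends_with_deny_all)."""
    acl_lines, defined, referenced, http_access = Counter(), [], set(), []
    for tokens in parse(conf):
        if tokens[0] == "acl" and len(tokens) >= 3:
            acl_lines[" ".join(tokens)] += 1
            if tokens[1] not in defined:
                defined.append(tokens[1])
        else:
            # Rule directives name ACLs after allow/deny; "!" negates an ACL.
            referenced.update(t.lstrip("!") for t in tokens[1:])
            if tokens[0] == "http_access":
                http_access.append(tokens[1:])
    duplicates = sorted(line for line, n in acl_lines.items() if n > 1)
    unused = [name for name in defined if name not in referenced]
    final_deny_all = bool(http_access) and http_access[-1] == ["deny", "all"]
    return duplicates, unused, final_deny_all

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

An `acl` line only defines a name; Squid applies it only where a rule such as `http_access` references it, so the `Safe_ports` and `SSL_ports` definitions in the posted file restrict nothing as written.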
 
  

