dear all.

i have installed squid 3.1.10 on centos 6.4. by giving proxy address and port in client broser squid works fine but not work as transparent.

centos 6.4
squid 3.1.10

eth0 (internet)
ip : 192.168.1.12/24
Defaul gat: :192.168.1.1
DNS : 8.8.8.8 also try 192.168.1.1

internet is working on the proxy server but squid not listening(tail -f /var/log/squid/access.log)
eth1(LAN)

ip : 192.168.2.1/24
gateway :0.0.0.0
DNS : 8.8.8.8 also try 192.168.1.1 and also wthout dns.

/etc/squid.conf

http_port 3128 transparent
visible_hostname myproxyserver also try myproxyserver.fcc.com

iptables

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.2.1:3128
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -I INPUT -s 192.168.2.0/24 -p tcp --dport 3128 -j ACCEPT

please guide.

Can you please share output of

iptables -t nat -L -n -v

Ideally packets should hit PREROUTING chain of nat table.

DNS query could be a issue here, So i recommned to create a cache only dns server is your LAN.


Thanks

i have run the squid as transparent but now i am unable to stop media formats download like mp4, exe, before its working but with transparent not working. i try url_regex"" and urpath_regex "" but not work. have you any suggestion.

dear all,

now squid is working as transparet but unable to block internet download manager to stop donloading the file. need help

Dear ishtiaqaj:

Since, IDM and some other Download Manager software use 80 port, I don't know any other way without using a firewall/filter appliance that does Transport Layer level Deep Packet Inspection by which filtering is possible reading inside of the data packet being sent.

For the time being, you can restrict IDM downloaders with blocking domains in squid if they download frequently from any specific/common sites until any Guru can show us any precise way.

Thanks a lot.