LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-12-2008, 05:03 AM   #1
linderox
LQ Newbie
 
Registered: Apr 2007
Posts: 29

Rep: Reputation: 15
Transperent and not-transperent squid


I have linux and windows clients in my office net.
I use transperent squid. It is works on Windows clients,but doesn't work on the Ubuntu clients. and I should edit "proxy-server" line in my browsers!
 
Old 02-12-2008, 08:27 AM   #2
Dinithion
Member
 
Registered: Oct 2007
Location: Norway
Distribution: Slackware 14.1
Posts: 446

Rep: Reputation: 59
Hmm.. Sounds weird. Usually if the transparent proxy is configured correctly, it should work no matter what OS is running on the clients, as the gateway routes traffic on port 80 to squid. Are you sure it's really transparent? Have you assigned the correct iptable rules?

Be aware that the local computer hosting squid, will not be affected by iptables the same way clients in the network. I have no in-depth answer to this, other then the iptables is usually configured for you network card (ethX), and the local machine use lo (Loopback) for network traffic in some strange way. (There are probably some gurus here to give a better explanation).
 
Old 02-12-2008, 08:33 AM   #3
pkhera_2001
Member
 
Registered: Mar 2006
Location: New Delhi, India
Distribution: Fedora, CentOS, RHEL, Ubuntu
Posts: 67

Rep: Reputation: 18
which browser do you use on Ubuntu Client

Hi,

this seems to be an issue related with proxy seetings on ubunto client's web broswer.

Which browser do you use on Ubunto clients and what are the settings you have entered ?

Regards,
Parveen Khera
pkhera_2001@rediffmail.com
 
Old 02-12-2008, 11:32 PM   #4
linderox
LQ Newbie
 
Registered: Apr 2007
Posts: 29

Original Poster
Rep: Reputation: 15
squid.conf
Code:
http_port 10.0.3.1:4000
icp_port 0
udp_incoming_address 10.0.3.1
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_dir ufs /var/cache/squid 1000 30 256
logformat my %ts %>a %<st %ru %Sh %mt
access_log /var/log/squid/access.mylog my
access_log /var/log/squid/access.log squid
pid_filename /var/run/squid.pid
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl litvinov src 10.0.3.103/255.255.255.255
acl zaharov src 10.0.3.70/255.255.255.255
acl buh src 10.0.3.33/255.255.255.255
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 110         # POP3
acl Safe_ports port 25          # SMTP
acl Safe_ports port 53          # DNS
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 30583       # gopher
acl Safe_ports port 1025-65535  # unregistered ports
acl CONNECT method CONNECT
acl LOCAL src 10.0.3.0/24
acl BANNER url_regex -i movie banner games wallpap reklama linkexch click love banpics stars dom2 xxx sex girls boobs telki pussy tits hentai babes porn desctopix oboi erogall damvam begun   бёus\.yimg\.com [\./]ad[s]?[\./]
acl media url_regex -i \.avi$ \.mpg$ \.mpeg$ \.mp3$ \.3gp$ \.mov$ \.wav$ \.wm$ \.swf$
acl BANNERS url_regex "/etc/squid/banners"
acl accepted dstdomain "/etc/squid/accepted"
http_access allow zaharov all
http_access deny BANNERS
http_access deny media
http_access allow LOCAL
http_access deny all
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_reply_access allow all
visible_hostname Local Proxy Server
forwarded_for off
coredump_dir /var/cache/squid
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on httpd_accel_uses_host_header on
iptables -L

Code:
$ sudo iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:45689

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  10.0.3.0/24          anywhere            tcp dpt:20003
ACCEPT     all  --  10.0.3.2             anywhere
ACCEPT     all  --  10.0.3.3             anywhere
ACCEPT     all  --  anywhere             10.0.3.0/24         state RELATED,ESTABLISHED
ACCEPT     icmp --  10.0.3.0/24          anywhere
ACCEPT     tcp  --  10.0.3.0/24          anywhere            tcp dpt:https
ACCEPT     tcp  --  10.0.3.0/24          anywhere            tcp dpt:aol

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere            limit: avg 3/min burst 3 LOG level info prefix `ACC_IN:'
ACCEPT     tcp  --  10.0.3.0/24          anywhere            tcp spt:http
 
Old 02-12-2008, 11:33 PM   #5
linderox
LQ Newbie
 
Registered: Apr 2007
Posts: 29

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by pkhera_2001 View Post
Hi,

this seems to be an issue related with proxy seetings on ubunto client's web broswer.

Which browser do you use on Ubunto clients and what are the settings you have entered ?

Regards,
Parveen Khera
pkhera_2001@rediffmail.com
firefox on Ubuntu
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
SQUID for blocking yahoo and msn [inc squid.conf] chrisfirestar Linux - Security 10 03-03-2008 09:33 AM
transperent proxy pankajkarde Linux - Server 1 03-09-2007 08:45 AM
Hogwash-transperent firewall sajigeorge Linux - Security 2 01-30-2006 12:34 AM
how can i make transperent windows? jabka Linux - General 1 10-08-2005 11:21 AM
squid conf: squid failed when I type insert redirect_program /usr/bin/squidguard Niceman2005 Linux - Software 1 11-24-2004 03:29 PM


All times are GMT -5. The time now is 10:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration