Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 06-10-2015, 09:11 AM   #1
LQ Newbie
Registered: Mar 2004
Posts: 18

Rep: Reputation: 0
Problems setting up squid in transparent mode using fedora 21

Hello everyone,

I'm having problems setting up squid in trasparent mode using fedora 21 and firewalld on my laptop workstation. I'm using a laptop with a wifi conection to the internet and that's it. Wifi IP is Works well when I configure squid in my browser (, but not in transparent mode, so, here is my configuration:


visible_hostname localhost.localdomain

acl localnet src # RFC1918 possible internal network
acl localnet src # RFC1918 possible internal network
acl localnet src # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged)

acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl palabrasno url_regex wikipedia google yahoo facebook fb wix wixtools
acl restringe dstdomain "/etc/squid/bad.acl"

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

http_access allow localhost manager
http_access deny manager

http_access allow localnet !palabrasno !restringe
http_access allow localhost !palabrasno !restringe

http_access deny all

http_port intercept

coredump_dir /var/spool/squid

refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

firewall-cmd --list-all

public (default, active)
interfaces: tun0 wlp4s0
services: dhcpv6-client http https mdns squid ssh
ports: 3128/tcp
masquerade: yes
forward-ports: port=80roto=tcp:toport=3128:toaddr=
rich rules:

Can someone tell me what am I missing?, how can I force redirect traffic through 3128?

Thanks in advance...
Old 06-10-2015, 08:52 PM   #2
LQ Newbie
Registered: Mar 2004
Posts: 18

Original Poster
Rep: Reputation: 0
Can anybody give me a hint?...

Thank you.
Old 06-11-2015, 03:31 PM   #3
LQ Newbie
Registered: Mar 2004
Posts: 18

Original Poster
Rep: Reputation: 0
I am in shock, this is the first time I post on forums without a reply... I always regarded this forum as the ultimate linux help platform... can anyone kindly help please?...
Old 12-16-2016, 06:36 AM   #4
LQ Newbie
Registered: Mar 2004
Posts: 18

Original Poster
Rep: Reputation: 0

Well I replaced this line:

http_port intercept

with this line

http_port transparent

and everything start working as it should.

But, I discovered that this setup doesn't work well with HTTPS, if you want to succesfully filter HTTPS, then you have to put the proxy settings directly in the browser, or, if you don't want to configure each client proxy setting (computer, tablet, phone, etc), then have a look at wpad and pac file for automatic proxy discovery.

Ok, I will mark this one as solved.

Last edited by acarri; 12-16-2016 at 06:39 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
By-Pass Local domains in squid which is running in transparent mode on the network absumant Linux - Networking 3 02-17-2013 02:45 PM
[SOLVED] Squid In Transparent Mode... Frank Ng'andwe Linux - Newbie 28 01-26-2012 12:31 PM
Squid in Transparent Mode and Secure Sites pankaj_garg Linux - Server 11 01-19-2012 01:08 PM
Problem setting up Transparent bridge mode across 2 CentOS boxes vragukumar Linux - Networking 2 12-18-2009 11:58 AM
Squid does not listen at transparent (intercept) mode!!! HELP! mpeg2server Linux - Server 4 12-05-2009 05:25 AM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:29 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration