LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-27-2012, 08:21 AM   #1
roopakl
Member
 
Registered: Sep 2011
Posts: 95

Rep: Reputation: Disabled
how to bypass squid proxy to particular client


Hi All,
I have configured squid transparent proxy(squid3-3.1.19) server on ubuntu 12.04 and everything is working fine.
By default all LAN user's port 80 request is redirecting to squid port 3128. But I don't want to redirect one of the client(172.16.0.*/16)'s port 80 request to 3128 and server should be working as only router to only that particular machine(172.16.0.*/16) and also there won't be any squid logs for this particular IP, which means I want to send port 80 request or all port requests that are coming from 172.16.0.*/16 to internet directly.
So is it possible to achieve this either using iptables rules or squid ACLs.
Thanks in advanse for your kind help.
 
Old 07-27-2012, 08:43 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
well clearly you can't bypass squid with squid config, but yes you can certainly change the redirection rule to exclude that IP, just add "-s ! 172.16.12.34" to the entry.

I wouldn't generally suggest that you shoudln't bypass squid though, but give it special rules within squid with an ACL.
 
2 members found this post helpful.
Old 07-27-2012, 10:52 AM   #3
roopakl
Member
 
Registered: Sep 2011
Posts: 95

Original Poster
Rep: Reputation: Disabled
Thanks acid_kewpie
Quote:
just add "-s ! 172.16.12.34" to the entry.
Could please mention where I have to add this entry i.e
Code:
FORWARD chain?
or
nat table?
I request you to post the full command.
 
Old 07-27-2012, 02:07 PM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
well it's the nat table your redirect to port 3128 is on isn't it?
 
1 members found this post helpful.
Old 07-27-2012, 10:52 PM   #5
roopakl
Member
 
Registered: Sep 2011
Posts: 95

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by acid_kewpie View Post
well it's the nat table your redirect to port 3128 is on isn't it?
Yes acid_kewpie, it is on, how can I prevent by redirecting port 80 request from 172.16.0.128/16 machine to squid port 3128.
I request you to post the command.
Code:
172.16.0.128/16 --->port 80 request--->should directly goes to internet.
not like below
172.16.0.128/16 --->port 80 request--->squid port 3128--->internet
 
Old 07-30-2012, 12:56 AM   #6
roopakl
Member
 
Registered: Sep 2011
Posts: 95

Original Poster
Rep: Reputation: Disabled
May I get your kind help for the above?
 
Old 07-30-2012, 03:00 AM   #7
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985Reputation: 1985
you already have a redirect rule, just add the bit I gave you on to it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Using iptables to bypass squid proxy for a specific domain jcopley Linux - Security 4 05-26-2015 01:38 PM
Squid questions, proxy bypass, and configuration scheidel21 Linux - Server 4 10-16-2009 03:34 PM
Squid and Dansguardian in use, but users to bypass proxy on certain times of the day codenjanod Linux - Server 1 09-25-2009 12:47 PM
restrict users to bypass the squid proxy server rashid_47010 Linux - Server 2 08-05-2009 11:35 AM
How to bypass proxy auth using squid sixth_sense Linux - Networking 7 09-20-2007 07:43 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:17 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration